Samsung MagicINFO flaw exploited days after PoC exploit publication

1 year ago

Threat actors started exploiting a vulnerability in Samsung MagicINFO only days after a PoC exploit was published. Arctic Wolf researchers…

Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324<gwmw style="display:none;"></gwmw>

1 year ago

Threat actors launch second wave of attacks on SAP NetWeaver, exploiting webshells from a recent zero-day vulnerability. In April, ReliaQuest…

U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog

1 year ago

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Langflow flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and…

Google fixed actively exploited Android flaw CVE-2025-27363

1 year ago

Google addressed 46 Android security vulnerabilities, including one issue that has been exploited in attacks in the wild. Google's monthly…

New ‘Bring Your Own Installer (BYOI)’ technique allows to bypass EDR

1 year ago

A new BYOI technique lets attackers bypass SentinelOne EDR, disable protection, and deploy Babuk ransomware by exploiting the agent upgrade…

Smishing on a Massive Scale: ‘Panda Shop’ Chinese Carding Syndicate

1 year ago

Resecurity found a new smishing kit called 'Panda Shop,' mimicking Smishing Triad tactics with improved features and new templates. Resecurity…

Kelly Benefits December data breach impacted over 400,000 individuals

1 year ago

Kelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed. Benefits…

A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov

1 year ago

A hacker stole data from TeleMessage, exposing messages from its modified Signal, WhatsApp, and other apps sold to the U.S.…

Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks

1 year ago

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell. Recorded Future…

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

1 year ago

Supply chain attack via 21 backdoored Magento extensions hit 500–1,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple…

This website uses cookies.