Clik here to view.
FlyingYeti Exploits WinRAR Vulnerability For Targeted Malware Attacks
Ever since Russia’s invasion of Ukraine on February 24, 2022, there have been heavy tensions between the nations and worldwide. After this incident, Ukraine imposed an eviction and termination...
View ArticleClik here to view.
Russian Hackers In Attempt To Distrupt The 2024 Paris Olympic Games
Russia is intensifying disinformation campaigns against France, President Macron, the IOC, and the 2024 Paris Olympics, blending decades-old tactics with AI, as the Microsoft Threat Analysis Center...
View ArticleClik here to view.
Python Developers Beware! Russian Hackers Targeting You With Malicious Packages
A malicious Python package named “crytic-compilers” was identified on PyPI. Masquerading as a legitimate library for intelligent contract compilation, it mimicked the name and versioning scheme of the...
View ArticleArm Warns Of Mali GPU Kernel Driver Flaws Exploited In The Wild
The Mali GPU driver is a widely used Graphical Processing Unit for multiple devices, including Android and Linux. A new vulnerability has been discovered in the Mali GPU Kernel driver. It allows an...
View ArticleMicrosoft Urges Windows Admins to Patch Microsoft Message Queuing RCE Flaw
Microsoft has disclosed two Critical remote code execution vulnerabilities in MSMQ (Microsoft Message Queuing) and the Windows Wi-Fi Driver. The CVE for these vulnerabilities has been assigned with...
View ArticleClik here to view.
Ivanti EPM SQL Injection Flaw Let Attackers Execute Remote Code
In May 24, 2024, Zero-Day Initiative released a security advisory for Ivanti EPM which was associated with SQL injection Remote code execution vulnerability. This vulnerability was assigned with...
View ArticleClik here to view.
SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files
SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a threat actor to read sensitive files on the host machine. This vulnerability existed in the...
View ArticleClik here to view.
New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication
Several phishing campaign kits have been used widely by threat actors in the past. One popular PhaaS (Phishing-as-a-Platform) was Caffeine, which was first identified and reported by Mandiant...
View ArticleChinese UNC3886 Actors Exploiting VMware, Fortinet 0-days For Spying
In 2021, UNC3886, a suspected China nexus cyber espionage actor, was found to be targeting strategic organizations on a large scale, utilizing multiple vulnerabilities in FortiOS and VMware to install...
View Article1-Click Exploit In Kakaotalk’s Android App Allows Arbitrary Code Execution
KakaoTalk is an Android application that is predominantly installed and used by over 100 million people. It is a widely popular application in South Korea that has payment, ride-hailing services,...
View Article