Tenable Research revealed details of a recently patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run enabling an attacker to gain access to container images and even inject malicious code into them.
CONTINUE READING 🡒 Category: News
Hackers abuse MU plugins to inject malicious payloads to WordPress
According to Sucuri, hackers store malicious code in the MU-plugins (Must-Use Plugins) directory in WordPress and execute it while remaining undetected.
CONTINUE READING 🡒 
Zero-day vulnerability in Windows results in NTLM hash leaks
Security experts reported a new zero-day vulnerability in Windows that enables remote attackers to steal NTLM credentials by tricking victims into viewing malicious files in Windows Explorer.
CONTINUE READING 🡒 
Cloudflare to block all unencrypted traffic to its APIs
According to Cloudflare, effective immediately, only secure HTTPS connections to api.cloudflare.com will be accepted; while all HTTP ports are to be closed.
CONTINUE READING 🡒 
Alexa to stop processing data locally. All voice requests will…
Amazon announced that the privacy option allowing users of Echo speakers to avoid sending their voice recordings to the company’s cloud will no longer be supported.
CONTINUE READING 🡒 
8,000 vulnerabilities identified in WordPress ecosystem in 2024
According to Patchstack, world’s #1 WordPress vulnerability intelligence provider, 7,966 new vulnerabilities were identified in the WordPress ecosystem in 2024; most of these bugs affected plugins and themes.
CONTINUE READING 🡒 
Black Basta ransomware group developed its own automated brute-forcing framework
According to EclecticIQ, Black Basta Ransomware-as-a-Service (RaaS) group has developed its own automated brute-forcing framework dubbed BRUTED. It’s used to hack edge network devices (e.g. firewalls and VPN).
CONTINUE READING 🡒 
Researchers force DeepSeek to write malware
According to Tenable, the AI chatbot DeepSeek R1 from China can be used to write malware (e.g. keyloggers and ransomware).
CONTINUE READING 🡒 
Mass exploitation of PHP-CGI vulnerability in attacks targeting Japanese companies
GreyNoise and Cisco Talos experts warn that hackers are actively exploiting CVE-2024-4577, a critical PHP-CGI vulnerability that was discovered and fixed in early June 2024.
CONTINUE READING 🡒 
Nearly a million Windows computers impacted by a malvertising campaign
According to Microsoft, nearly 1 million Windows devices fell victim to a sophisticated malvertising campaign in recent months. Cybercriminals were able to steal credentials, cryptocurrency, and sensitive information from infected workstations.
CONTINUE READING 🡒 
YouTube warns of scam video featuring its CEO
According to YouTube, scammers use an AI-generated video of the company’s CEO in phishing attacks to steal user credentials.
CONTINUE READING 🡒 
Polish Space Agency disconnects its network due to hacker attack
Last weekend, the Polish Space Agency (POLSA) had to disconnect all of its systems from the Internet to localize an attack targeting its IT infrastructure.
CONTINUE READING 🡒 
Qualcomm extends support for Android devices to 8 years
Qualcomm Technologies announced its collaboration with Google with the purpose to provide extended support for OEM devices running on company’s flagship chipsets. This partnership will enable vendors to release software and security updates for their devices for up to eight years.
CONTINUE READING 🡒 
More than 100,000 users downloaded SpyLend malware from Google Play…
According to Cyfirma, a malicious Android app called SpyLend was available on the official Google Play Store for some time and has been downloaded from there more than 100,000 times. The malware known as SpyLoan (i.e. predatory loan app) was disguised as…
CONTINUE READING 🡒 
New JavaScript obfuscation technique uses invisible Unicode characters
According to Juniper Threat Labs , a new JavaScript obfuscation technique that uses invisible Unicode characters was used in a phishing attack targeting Political Action Committee (PAC) affiliates.
CONTINUE READING 🡒 
Microsoft fixes vulnerability in Power Pages exploited by cybercriminals
Microsoft patched a severe privilege escalation vulnerability in Power Pages used by hackers as a 0-day.
CONTINUE READING 🡒 
Newly-discovered vulnerabilities in OpenSSH open the door to MiTM and…
OpenSSH fixed two vulnerabilities that could result in MiTM and denial of service (DoS) attacks. Interestingly, one of these bugs appeared in the code more than 10 years ago.
CONTINUE READING 🡒 
Chrome Enhanced Protection mode is now powered by AI
The Enhanced Protection mode in Google Chrome has been updated. Now it uses AI to protect users from dangerous sites, downloads, and extensions in real time.
CONTINUE READING 🡒 
Dutch police seize 127 servers belonging to Zservers hosting provider
Following the introduction of international sanctions against Zservers, Russian ‘bulletproof’ hosting services provider, the Dutch National Police (Politie) shut down and seized 127 servers belonging to Zservers/XHost.
CONTINUE READING 🡒 
12,000 Kerio Control firewalls remain vulnerable to RCE
Security experts report that more than 12,000 GFI Kerio Control firewall instances remain vulnerable to the critical RCE vulnerability CVE-2024-52875, which was fixed back in December 2024.
CONTINUE READING 🡒