The Shadowserver Foundation warns of a massive web login brute-forcing attacks targeting nearly 2.8 million IP addresses per day. Unknown attackers are seeking credentials for a wide range of network devices belonging to such companies as Palo Alto Networks, Ivanti, and SonicWall.
CONTINUE READING 🡒 Category: News
Failed attempt to block phishing link results in massive Cloudflare…
According to the incident report released by Cloudflare, an attempt to block a phishing URL on the R2 platform accidentally caused a massive outage; as a result, many Cloudflare services were unavailable for almost an hour.
CONTINUE READING 🡒 
Abandoned AWS S3 buckets could be used in attacks targeting…
watchTowr discovered plenty of abandoned Amazon S3 buckets that could be used by attackers to deliver malware and backdoors to government agencies and large corporations.
CONTINUE READING 🡒 
Hackers exploit RCE vulnerability in Microsoft Outlook
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Federal Civilian Executive Branch (FCEB) Agencies that they have to secure their systems from ongoing attacks exploiting a critical vulnerability in Microsoft Outlook by February 27, 2025.
CONTINUE READING 🡒 
768 vulnerabilities were exploited by hackers in 2024
According to VulnCheck, 768 CVEs were registered as exploited in real-life attacks in 2024. This is 20% greater compared to 2023 when hackers exploited 639 vulnerabilities.
CONTINUE READING 🡒 
Let’s Encrypt to stop sending expiration notification emails
The nonprofit organization announced that, starting June 4, 2025, it will stop sending expiration notification emails to subscribers. The primary reason behind this decision is that providing expiration notifications costs Let’s Encrypt tens of thousands of dollars per year.
CONTINUE READING 🡒 
Google patches Android zero-day vulnerability exploited by hackers
Google released the February set of patches for Android. In total, they fix 48 bugs, including a kernel zero-day vulnerability actively exploited by hackers.
CONTINUE READING 🡒 
PyPI introduces a project archival system to combat malicious updates
The Python Package Index (PyPI) introduces a new project archival system: a project can now be archived to notify users that it’s not expected to be updated any time soon.
CONTINUE READING 🡒 
Critical RCE vulnerability fixed in Cacti
A critical vulnerability has been discovered in the open-source Cacti framework: it enables an authenticated attacker to remotely execute arbitrary code.
CONTINUE READING 🡒 
Hackers use vulnerabilities in SimpleHelp RMM to attack corporate networks
Experts believe that recently patched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) were used by attackers to gain initial access to corporate networks.
CONTINUE READING 🡒 
Google to disable Sync in older Chrome versions
Google announced that in early 2025, Chrome Sync will be disabled in Chrome versions older than four years.
CONTINUE READING 🡒 
J-magic backdoor attacked Juniper Networks devices using ‘magic packets’
A massive backdoor attack targeting Juniper routers often used as VPN gateways has been uncovered. The devices were attacked by the J-magic malware that starts a reverse shell only after detecting a ‘magic packet’ in network traffic.
CONTINUE READING 🡒 
YouTube plays hour-long ads to users with ad blockers
Users complain that YouTube plays very long unskippable ads. Sometimes such ads are longer than the video the person is watching.
CONTINUE READING 🡒 
Zyxel firewalls reboot due to flawed update
Zyxel warned its customers that a recent signature update may cause critical errors in USG FLEX and ATP series firewalls. As a result, devices go into infinite reboot loops.
CONTINUE READING 🡒 
Cisco patched a critical vulnerability in Meeting Management
Cisco released updates to fix a critical (CVSS score: 9.9) vulnerability in Meeting Management. The bug enables an unprivileged remote authenticated attacker to gain administrative privileges.
CONTINUE READING 🡒 
18,000 script kiddies have been infected with backdoor via XWorm…
According to CloudSEK analysts, malefactors attack novice hackers using a fake malware builder. Script kiddies’ systems become infected with a backdoor that steals data and subsequently seizes control over their computers.
CONTINUE READING 🡒 
Hundreds of websites impersonating Reddit and WeTransfer spread Lumma Stealer
Sekoia researcher crep1x discovered that hackers are currently using some 1,000 pages impersonating Reddit and WeTransfer. Victims visiting these sites are tricked into downloading the Lumma Stealer malware.
CONTINUE READING 🡒 
Fake Telegram CAPTCHA forces users to run malicious PowerShell scripts
Hackers used the news of Ross Ulbricht pardoning to lure users to a rogue Telegram channel where they are tricked into running malicious PowerShell code.
CONTINUE READING 🡒 
Fake Homebrew Infects macOS and Linux Machines with infostealer
Attackers use Google ads to disguise themselves as the Homebrew website and distribute malware targeting Mac and Linux systems and stealing logon credentials, browser data, and cryptocurrency wallets.
CONTINUE READING 🡒