Security Online

TikTok’s “Scam-Yourself” Trap: How AuraStealer Malware Tricks Users into Hacking Their Own PCs

A deep-dive analysis by Gen Digital (Gen Threat Labs) has unveiled AuraStealer, an emerging Malware-as-a-Service (MaaS) that is rapidly gaining traction in underground forums by leveraging a devious distribution tactic known as “Scam-Yourself.”

“ClickFix” Trap: Fake Human Verification Leads to Qilin Ransomware Infection

A deceptive social engineering tactic known as “ClickFix” has evolved into a gateway for major ransomware attacks, with researchers uncovering a direct link between these fake verification prompts and the notorious Qilin ransomware group.

FortiGuard Tracks HoldingHands Malware Shift: Cross-Regional APT Uses Task Scheduler Hijack to Evade Detection

FortiGuard Labs has uncovered a sophisticated cross-regional campaign that has gradually expanded from China to Taiwan, Japan, and most recently Malaysia, revealing a methodical evolution in both targeting and technical capability.

Critical Vulnerability Found in Mullvad VPN

X41 D-Sec GmbH, a leading cybersecurity firm, has completed a white-box penetration test of the Mullvad VPN application, revealing several vulnerabilities, including one rated as “critical” and two rated as “high” severity.

Golang Cryptography Library Flaw Risks Authorization Bypass

The vulnerability arises when applications incorrectly rely on the order or content of keys presented to the PublicKeyCallback function. Attackers can exploit this by presenting multiple public keys or authenticating with a different key.

Curl Vulnerability Exposes User Credentials in Redirects

The issue has been addressed in curl version 8.11.1. Users are strongly advised to upgrade to this version or apply the provided patch and rebuild curl. As a workaround, avoid using .netrc files together with redirects.

Careto APT Returns: Decade-Old Threat Resurfaces with New Sophistication

After a decade-long silence since its last known activity in 2014, Careto is back with new, sophisticated attacks targeting high-profile organizations, including governments, diplomatic entities, and research institutions.

Citrix NetScaler Under Siege: Significant Increase in Brute Force Attacks Observed

A significant increase in brute-force attacks targeting outdated and misconfigured Citrix NetScaler devices has been observed in Germany, prompting warnings from cybersecurity experts and organizations, including CERT Germany and the German BSI.

Apache Superset Vulnerability Exposes Sensitive Data to Unauthorized Modification

A newly discovered vulnerability in Apache Superset, a popular open-source business intelligence platform, could allow attackers to gain unauthorized write access to sensitive data.

Dell Warns of Critical Flaws in Enterprise Products, Including CVE-2024-37143 (CVSS 10)

These vulnerabilities, identified as CVE-2024-37143 and CVE-2024-37144, pose significant risks, ranging from remote code execution to information disclosure, with CVSS scores of 10.0 and 8.2, respectively.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing, end-to-end automation and 360-degree threat response.
