Latest Cybersecurity News and Articles

Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network

By strategically flooding the network with a high volume of junk transactions, adversaries can overwhelm the processing capacity of these nodes, hindering their ability to relay legitimate transactions.

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that's designed to drop the Visual Basic Script malware, Recorded Future's Insikt Group said in a new analysis.

Qlik Sense Users Face Serious Security Risk

These vulnerabilities, identified as CVE-2024-55579 and CVE-2024-55580, could allow unprivileged users with network access to compromise the server, potentially leading to remote code execution (RCE) and broken access control.

Romania’s Election Systems Targeted in Over 85,000 Cyberattacks

Threat actors obtained access credentials for election-related websites and leaked them on a Russian hacker forum less than a week before the first presidential election round.

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution.

Threat Actor Targets Manufacturing Industry With Lumma Stealer and Amadey Bot

This campaign leverages multiple Living-off-the-Land Binaries (LOLBins), such as ssh.exe, powershell.exe, and mshta.exe, to bypass traditional security mechanisms and remotely execute the next-stage payload.

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Earth Minotaur uses the MOONSHINE exploit kit to deliver the DarkNimbus backdoor to Android and Windows devices, targeting WeChat, and possibly making it a cross-platform threat.

Black Basta Ransomware Campaign Drops Zbot, DarkGate, & Custom Malware

According to a detailed analysis by Rapid7, the threat actors have refined their techniques, introducing novel methods for gaining access and delivering malware, including Zbot, DarkGate, and custom-developed tools.

Crypto-Stealing Malware Posing as a Meeting App Targets Web3 Professionals

Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware.

Mitel MiCollab Zero-Day Flaw Gets Proof-of-Concept Exploit

Researchers released a PoC exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags