Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps
During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8…
Cybersecurity In Critical Infrastructure: Protecting Power Grids and Smart Grids
Infrastructure like water system, supply system, telecommunication networks, and power plants are critical assets for any country in that the…
New RomCom malware variant ‘SnipBot’ spotted in data theft attacks
A new variant of the RomCom malware called SnipBot, has been used in attacks that pivot on the network to…
Fake WalletConnect app on Google Play steals Android users’ crypto
A crypto draining app mimicking the legitimate 'WalletConnect' project has been distributed over Google Play for five months getting more…
Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud…
Broadcom fixes critical RCE bug in VMware vCenter Server
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via…
‘Void Banshee’ Exploits Second Microsoft Zero-Day
Attackers have been using the Windows MSHTML Platform spoofing vulnerability in conjunction with another zero-day flaw.
New Voldemort malware abuses Google Sheets to store stolen data
A campaign that started on August 5, 2024, is spreading a previously undocumented malware named "Voldemort" to organizations worldwide, impersonating…
‘Voldemort’ Malware Curses Orgs Using Global Tax Authorities
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools…
South Korean hackers exploited WPS Office zero-day to deploy malware
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS…