Author Info

Cybercriminals are deploying deceptive Microsoft OAuth applications that mimic Adobe and DocuSign apps to infiltrate systems and exfiltrate Microsoft 365 account credentials. These sophisticated campaigns, identified by cybersecurity researchers, are highly targeted and pose significant risks to various industries. Deceptive OAuth Applications The malicious applications in question are masquerading as

A recent phishing campaign has targeted nearly 12,000 GitHub repositories by creating fake "Security Alert" issues. These alerts deceive developers into authorizing a malicious OAuth application, granting attackers complete control over their accounts and code repositories. Details of the Phishing Campaign The phishing issues falsely warn users

A dual Russian-Israeli national, identified as a key developer for the notorious LockBit ransomware group, has been extradited to the United States from Israel. Rostislav Panev, aged 51, was apprehended in 2023 and made his initial court appearance in the US on March 14. Details of the Allegations The complaint

Cybersecurity researchers have identified a new malware campaign targeting individuals searching for pirated software. This campaign introduces a clipper malware known as MassJacker, which poses a significant threat to cryptocurrency users by intercepting and altering clipboard data. Understanding Clipper Malware Clipper malware is designed to manipulate clipboard data, often with

On October 23, 2024, Fortinet released an advisory regarding a critical zero-day vulnerability, CVE-2024-47575, affecting their FortiManager network management solution. This vulnerability, resulting from missing authentication for a critical function, allows remote attackers to execute arbitrary code or commands. The flaw has been actively exploited in the wild, prompting urgent

A recent disclosure from Ivanti has revealed two critical vulnerabilities affecting their Connect Secure, Policy Secure, and Neurons for ZTA gateways. The most severe, CVE-2025-0282, is a stack-based buffer overflow that enables remote, unauthenticated attackers to execute arbitrary code on targeted devices. Meanwhile, CVE-2025-0283 allows local authenticated users to escalate

A recent investigation into Cleo software exploitation has uncovered a sophisticated, multi-stage cyberattack involving a modular Java-based Remote Access Trojan (RAT). This attack utilizes an encoded Java Archive (JAR) payload to perform system reconnaissance, file exfiltration, command execution, and encrypted communication with a command-and-control (C2) server. The RAT's

On March 4, 2025, Broadcom issued a significant security advisory revealing three new zero-day vulnerabilities impacting various VMware products, including ESXi, Workstation, and Fusion. The most critical of these is CVE-2025-22224, which affects ESXi and Workstation. Although these vulnerabilities are not remotely exploitable, they require an attacker to have existing

In a surprising turn of events on February 20, 2025, the cybersecurity community gained unexpected insights into the notorious Black Basta ransomware group. An individual using the alias ExploitWhispers leaked a file on Telegram, purportedly containing the group's internal chat logs. This JSON dataset comprises 196,045 messages