Intel

Cybersecurity researchers have identified a new malware campaign targeting individuals searching for pirated software. This campaign introduces a clipper malware known as MassJacker, which poses a significant threat to cryptocurrency users by intercepting and altering clipboard data. Understanding Clipper Malware Clipper malware is designed to manipulate clipboard data, often with

On October 23, 2024, Fortinet released an advisory regarding a critical zero-day vulnerability, CVE-2024-47575, affecting their FortiManager network management solution. This vulnerability, resulting from missing authentication for a critical function, allows remote attackers to execute arbitrary code or commands. The flaw has been actively exploited in the wild, prompting urgent

A recent disclosure from Ivanti has revealed two critical vulnerabilities affecting their Connect Secure, Policy Secure, and Neurons for ZTA gateways. The most severe, CVE-2025-0282, is a stack-based buffer overflow that enables remote, unauthenticated attackers to execute arbitrary code on targeted devices. Meanwhile, CVE-2025-0283 allows local authenticated users to escalate

A recent investigation into Cleo software exploitation has uncovered a sophisticated, multi-stage cyberattack involving a modular Java-based Remote Access Trojan (RAT). This attack utilizes an encoded Java Archive (JAR) payload to perform system reconnaissance, file exfiltration, command execution, and encrypted communication with a command-and-control (C2) server. The RAT's

On March 4, 2025, Broadcom issued a significant security advisory revealing three new zero-day vulnerabilities impacting various VMware products, including ESXi, Workstation, and Fusion. The most critical of these is CVE-2025-22224, which affects ESXi and Workstation. Although these vulnerabilities are not remotely exploitable, they require an attacker to have existing

In a surprising turn of events on February 20, 2025, the cybersecurity community gained unexpected insights into the notorious Black Basta ransomware group. An individual using the alias ExploitWhispers leaked a file on Telegram, purportedly containing the group's internal chat logs. This JSON dataset comprises 196,045 messages

A significant vulnerability in the FreeType library, used extensively for font rendering, has been identified and reportedly exploited in cyberattacks. This flaw, present in all versions up to 2.13, allows for arbitrary code execution, posing a severe risk to systems utilizing this library. Understanding the FreeType Vulnerability FreeType is

Cybersecurity experts have identified widespread exploitation of a severe PHP vulnerability that poses a significant risk to servers globally. This flaw, known as CVE-2024-4577, allows attackers to execute remote code on susceptible systems, particularly those running Windows servers with Apache and PHP-CGI configured with specific code pages. Understanding the PHP

Recent cybersecurity reports reveal that a North Korean hacking group, identified as Moonstone Sleet, has begun deploying Qilin ransomware in a series of targeted attacks. This marks a significant shift in their tactics, as they have traditionally relied on their own custom ransomware tools. The collaboration with a Ransomware-as-a-Service (RaaS)