Intel
A recent cyber campaign has been identified, targeting vulnerabilities in Internet Information Services (IIS) to spread a malware known as BadIIS. This attack manipulates search engine optimization (SEO) results, redirecting users to illegal gambling sites or malicious servers, primarily affecting several Asian countries. Widespread Impact and Financial Motivation Research indicates
Recent investigations have uncovered that cybercriminals are exploiting Google Tag Manager (GTM) to inject credit card skimmer malware into Magento-based e-commerce platforms. This alarming trend highlights the increasing sophistication of attacks targeting online payment systems. Understanding the Threat Security experts have identified that malicious actors are disguising harmful code as
Healthcare organizations have been put on high alert due to potential exploitation of three critical vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) software. The American Hospital Association (AHA), in collaboration with the Health Information Sharing and Analysis Center (Health-ISAC), has issued a cybersecurity advisory urging immediate action to mitigate
Cybersecurity experts have identified two harmful machine learning (ML) models on the Hugging Face platform that utilize a novel method involving "broken" pickle files to bypass detection mechanisms. This discovery highlights potential security risks in the ML supply chain. Exploiting Pickle File Vulnerabilities The malicious models were found
The DeepSeek mobile application for iOS has been found to have significant security vulnerabilities. A recent audit revealed that the app transmits sensitive user and device data over the internet without encryption, making it susceptible to interception and manipulation by malicious actors. Security Audit Findings Conducted by NowSecure, the audit
This week, a cybercriminal known as "emirking" claimed to have acquired 20 million OpenAI user login credentials, sharing samples of the purportedly stolen data. This alarming development raises significant concerns about the security of OpenAI's platforms and the potential misuse of sensitive user information. Details of
In a significant crackdown on cybercrime, the FBI, alongside European authorities, recently seized the domain names of the notorious forums Cracked and Nulled. These platforms, known for their vast user base and illegal activities involving stolen data, hacking tools, and malware, have been under scrutiny for some time. An in-depth
Recent investigations have uncovered a malicious strategy termed "infrastructure laundering," where cybercriminals exploit prominent cloud services like Amazon Web Services (AWS) and Microsoft Azure. This tactic involves renting IP addresses from these providers and mapping them to fraudulent websites, creating a complex challenge for cybersecurity defenses. Unveiling the
A newly discovered variant of the ValleyRAT malware is making waves in the cybersecurity world. This sophisticated threat employs advanced evasion techniques, multi-stage infection chains, and innovative delivery methods to target high-value individuals in organizations. Unveiling the ValleyRAT Threat Researchers from the Morphisec Threat Lab have identified a new version