More than 17,000 WordPress websites have fallen victim to the Balada Injector malware. The latest campaign, which occurred in September, specifically targeted popular premium themes, namely tagDiv Newspaper and tagDiv Newsmag. The attacks primarily centered on a vulnerability within the tagDiv
A malicious campaign targeting open-source platforms has been discovered, with hundreds of info-stealing Python packages found hiding within these repositories. These packages have been downloaded approximately 75,000 times and pose a significant threat to users. According to a report by
In a landmark collaborative effort, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) that uncovers the ten most frequently encountered cybersecurity misconfigurations in large organizations'
Recent investigations by cybersecurity experts have unveiled ShadowSyndicate, a clandestine cybercrime group that has been operational since July 16, 2022. Notably, this group is linked to deploying as many as seven distinct ransomware families over the past year. Formerly known as Infra Storm, the
The Federal Bureau of Investigation (FBI) has warned of a sinister scam dubbed "Phantom Hacker", which has caused alarming financial damages, particularly among the senior community. This elaborate fraud scheme has evolved from typical tech support scams, integrating an intricate web of deceit
Malicious advertisements, known as malvertising, have made their way into Microsoft’s Bing Chat AI-powered search engine. Responses from the chatbot may include links to deceptive domains that effectively trick the user into downloading malware. Microsoft introduced Bing Chat, which is powered
In a swift response to a critical security threat, Google has patched a zero-day vulnerability in its Chrome browser that was being actively exploited by a commercial spyware vendor. The vulnerability, identified as CVE-2023-5217, was a heap buffer overflow in vp8 encoding within the libvpx
Cybersecurity researchers have discovered a new and concerning malware strain known as ZenRAT. This malicious software is taking advantage of unsuspecting Windows users by masquerading as Bitwarden, a trusted, open-source password manager. ZenRAT's intent is not to safeguard your passwords but to
The notorious Android banking Trojan, Xenomorph, has widened its attack spectrum to target customers of over two dozen major US and Canadian banks and several cryptocurrency wallets, including Bitcoin, Binance, and Coinbase. According to BleepingComputer, the trojan initially emerged in early 2022,
Cybersecurity researchers have uncovered a sophisticated phishing campaign that targets hotels, booking sites, and travel agencies, designed to steal the financial data of customers. The hackers compromise and then send phishing messages via the affected service’s official communication channels —