Audio decoders of Qualcomm and Media Tek chips have been found to have three security vulnerabilities, and if the vulnerabilities are left unpatched, it…
github
General
The Beastmode DDoS Botnet is enslaving extra routers by exploiting new TOTOLINK bugs.
Between February and March 2022, a variant of the Mirai botnet known as Beastmode was observed using recently reported vulnerabilities in TOTOLINK routers to…
Cybersecurity
SSRF flaws created in multiple apps via Google Drive integration errors
Execution flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a mixture of applications, a security researcher has disclosed. This included…
General
Threat actor exploiting a zero-day vulnerability in the Zimbra open-source email platform
A threat actor, likely to be Chinese, targeted a zero-day vulnerability in the Zimbra open-source email platform. The zero-day exploitation is part of a…
crypto mining
Crypto Mining attacks use evolved version
A crypto mining campaign, which has been active, has developed its method to avoid detection. The threat actors have evolved their attack method to…
apache
Log4j news -Log4j patch releases by Apache
Log4j news – On 28th December 2021, another vulnerability affecting the Log4j logging library was discovered. The vulnerability is labelled CVE-2021-44832. The vulnerability CVE-2021-44832…
cyberattack
HTML smuggling targets Banking industry
Microsoft reported HTML smuggling, which spread via email, had been extensively targeting banking organizations. Microsoft described the attack that surfaced in the early half…
cryptocurrency
Cryptocurrency Theft: $3 Million stolen from SushiSwap MISO
An attacker used a supply-chain assault to steal $3 million in cryptocurrency theft from the SushiSwap MISO cryptocurrency platform by infecting Sushi’s private GitHub…
General
Dropbox: PoC release for Ghostscript vulnerability that revealed Airbnb
Malicious programmers have delivered a proof-of-concept (PoC) code that takes advantage of and as of late displayed vulnerability in more seasoned yet generally utilized…
Cybersecurity
Remote Code Execution Security gap fixed by NPM package
An extremely well-known NPM bundle called ‘pac-resolver’ for the JavaScript programming language has been fixed to address a remote code execution gap that could…