Audio decoders of Qualcomm and Media Tek chips have been found to have three security vulnerabilities, and if the vulnerabilities are left unpatched, it…
github
The Beastmode DDoS Botnet is enslaving extra routers by exploiting new TOTOLINK bugs.
Between February and March 2022, a variant of the Mirai botnet known as Beastmode was observed using recently reported vulnerabilities in TOTOLINK routers to…
SSRF flaws created in multiple apps via Google Drive integration errors
Execution flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a mixture of applications, a security researcher has disclosed. This included…
Threat actor exploiting a zero-day vulnerability in the Zimbra open-source email platform
A threat actor, likely to be Chinese, targeted a zero-day vulnerability in the Zimbra open-source email platform. The zero-day exploitation is part of a…
Crypto Mining attacks use evolved version
A crypto mining campaign, which has been active, has developed its method to avoid detection. The threat actors have evolved their attack method to…
Log4j news -Log4j patch releases by Apache
Log4j news – On 28th December 2021, another vulnerability affecting the Log4j logging library was discovered. The vulnerability is labelled CVE-2021-44832. The vulnerability CVE-2021-44832…
HTML smuggling targets Banking industry
Microsoft reported HTML smuggling, which spread via email, had been extensively targeting banking organizations. Microsoft described the attack that surfaced in the early half…
Cryptocurrency Theft: $3 Million stolen from SushiSwap MISO
An attacker used a supply-chain assault to steal $3 million in cryptocurrency theft from the SushiSwap MISO cryptocurrency platform by infecting Sushi’s private GitHub…
Dropbox: PoC release for Ghostscript vulnerability that revealed Airbnb
Malicious programmers have delivered a proof-of-concept (PoC) code that takes advantage of and as of late displayed vulnerability in more seasoned yet generally utilized…
Remote Code Execution Security gap fixed by NPM package
An extremely well-known NPM bundle called ‘pac-resolver’ for the JavaScript programming language has been fixed to address a remote code execution gap that could…