Vulnerability

Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation

2 minute read

Security

Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation

A recent claim that a critical zero-day vulnerability existed in the popular open-source file archiver 7-Zip has been met with skepticism from the software's creator and other security researchers.

byDeeba Ahmed

January 2, 2025

FortiGuard Labs Links EC2 Grouper Hackers to AWS Credential Exploits

3 minute read

FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits

Researchers at FortiGuard Labs have identified a prolific attacker group known as "EC2 Grouper" who frequently exploits compromised credentials using AWS tools.

byDeeba Ahmed

January 1, 2025

3 minute read

Exposed Cloud Server Tracks 800,000 Volkswagen, Audi, and Skoda EVs

SUMMARY A recent report from the German news outlet Spiegel has revealed a significant security breach impacting hundreds…

byDeeba Ahmed

December 30, 2024

Critical Flaw Exposes Four-Faith Routers to Remote Exploitation

2 minute read

Security

Critical Flaw Exposes Four-Faith Routers to Remote Exploitation

SUMMARY: VulnCheck has discovered a critical new vulnerability (CVE-2024-12856) affecting Four-Faith industrial routers (F3x24 and F3x36), with evidence…

byDeeba Ahmed

December 30, 2024

3 minute read

Postman Workspaces Leak 30000 API Keys and Sensitive Tokens

Thousands of Postman workspaces leaked sensitive data like API keys and tokens. Learn best practices to secure your API development environment and protect your organization

byDeeba Ahmed

December 24, 2024

3 minute read

Supply Chain Attack Hits Rspack, Vant npm Packages with Monero Miner

Popular npm packages, Rspack and Vant, were recently compromised with malicious code. Learn about the attack, the impact, and how to protect your projects from similar threats.

byDeeba Ahmed

December 23, 2024

3 minute read

Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities

Androxgh0st, a botnet targeting web servers since January 2024, is also deploying IoT-focused Mozi payloads, reveals CloudSEK’s latest research.

byDeeba Ahmed

December 18, 2024

3 minute read

Cl0p Ransomware Exploits Cleo Vulnerability, Threatens Data Leaks

SUMMARY The Cl0p ransomware group has recently claimed responsibility for exploiting a critical vulnerability in Cleo’s managed file…

byWaqas

December 16, 2024

Firmware Security: Identifying Risks to Implement Best Cybersecurity Practices

6 minute read

Security

Firmware Security: Identifying Risks to Implement Best Cybersecurity Practices

Find out the key security risks of firmware security: Identify threats, and learn best practices and protection methods…

byWaqas

December 16, 2024

3 minute read

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts

SUMMARY Cybersecurity researchers at Oasis Security have identified a vulnerability in Microsoft’s Multi-Factor Authentication (MFA), known as AuthQuake,…

byWaqas

December 11, 2024

The Latest

Security Risk Advisors joins the Microsoft Intelligent Security Association

CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in minutes

US Telecom Breaches Widen as 9 Firms Hit by Chinese Salt Typhoon Hackers

U.S. Sanctions Chinese Cybersecurity Firm Over Cyberattacks

Vulnerability

Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation

FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits

Critical Flaw Exposes Four-Faith Routers to Remote Exploitation

Postman Workspaces Leak 30000 API Keys and Sensitive Tokens

Supply Chain Attack Hits Rspack, Vant npm Packages with Monero Miner

Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities

Cl0p Ransomware Exploits Cleo Vulnerability, Threatens Data Leaks

Firmware Security: Identifying Risks to Implement Best Cybersecurity Practices

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts

Security Risk Advisors joins the Microsoft Intelligent Security Association

CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in minutes

SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach

Sonic and Injective Team Up to Build Industry’s First Cross-Chain Smart Agent Hub with Solana

Resecurity introduces Government Security Operations Center (GSOC) at NATO Edge 2024