cybersecurity

HotPage Adware Exploits Microsoft-Signed Driver to Target Chinese Gamers

News

HotPage Adware Exploits Microsoft-Signed Driver to Target Chinese Gamers

ESET researchers have uncovered a sophisticated adware campaign called HotPage, which abuses a vulnerable Microsoft-signed driver to...

GoldenJackal APT Breaches Air-Gapped Government Systems in Sophisticated Cyberespionage Campaign

APT-News

GoldenJackal APT Breaches Air-Gapped Government Systems in Sophisticated Cyberespionage Campaign

ESET Research has uncovered a series of cyberespionage campaigns conducted by the advanced persistent threat (APT) group...

Telekopye Cybercriminals Now Target Booking.com and Airbnb Users in Sophisticated Hotel Scams

APT-News

Telekopye Cybercriminals Now Target Booking.com and Airbnb Users in Sophisticated Hotel Scams

ESET researchers have uncovered a significant evolution in the operations of the Telekopye cybercriminal network, which has...

ESET APT Activity Report Q2-Q3 2024: Key Trends in State-Sponsored Cyber Threats

APT-News

ESET APT Activity Report Q2-Q3 2024: Key Trends in State-Sponsored Cyber Threats

ESET’s latest APT Activity Report for Q2-Q3 2024 reveals significant developments in state-aligned cyber threats, with China,...

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

Malware Analysis

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

Following an international law enforcement takedown of the RedLine Stealer malware-as-a-service (MaaS) operation in October 2024, ESET...

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

APT-News

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

Summary for Security Leadership The Russia-aligned RomCom APT group (also tracked as Storm-0978 or UNC2596) has been...

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

Threat Intelligence

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

The second half of 2024 has seen significant shifts in the cyberthreat landscape, according to ESET’s latest...

Cybersecurity Never Takes a Holiday: Protecting Your Business 24/7

News

Cybersecurity Never Takes a Holiday: Protecting Your Business 24/7

As organizations prepare for seasonal breaks, cybercriminals are actively planning attacks. The holiday period often sees a...

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

CVE News

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Summary for CISOs: A critical vulnerability (CVE-2024-7344) in UEFI Secure Boot allows attackers to bypass security checks...

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

CVE News

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

A critical vulnerability (CVE-2025-2687) has been discovered in PHPGurukul eLearning System 1.0, affecting its Image Handler component....

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Blue-Team
CVE News

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Zoho Corporation has addressed a medium-severity authentication vulnerability (CVE-2025-1723) in ManageEngine ADSelfService Plus versions 6510 and earlier....

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

CVE News

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

Broadcom has addressed multiple high-severity vulnerabilities in VMware ESXi, Workstation, and Fusion products, as detailed in NCSC...

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

CVE News

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

Summary: IBM has addressed critical security vulnerabilities in its enterprise storage products, including authentication bypass (CVE-2025-0159) and...

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

CVE News

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

SAP has released security updates addressing multiple vulnerabilities across its software portfolio, including SAP Commerce, SAP NetWeaver,...

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

CVE News

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

A critical authorization bypass vulnerability (CVE-2024-53351) has been discovered in PipeCD v0.49, allowing attackers to access service...

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

CVE News

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

A critical SQL injection vulnerability (CVE-2025-30590) has been discovered in the Dourou Flickr set slideshows plugin, affecting...

Hidden Threats in Microsoft 365 Backups: How Malware Lurks and Risks Reinfection

News

Hidden Threats in Microsoft 365 Backups: How Malware Lurks and Risks Reinfection

A recent study by Acronis Threat Research Unit reveals critical security gaps in Microsoft 365 backup data,...

Critical Next.js Vulnerability (CVE-2025-29927) Exposes Websites to Authorization Bypass Attacks

CVE News

Critical Next.js Vulnerability (CVE-2025-29927) Exposes Websites to Authorization Bypass Attacks

A severe security flaw in Next.js, tracked as CVE-2025-29927, allows attackers to bypass authentication and authorization checks...

Ivanti Secure Access Client Vulnerability Patched: NCSC-2025-0085 Explained

Blue-Team
CVE News

Ivanti Secure Access Client Vulnerability Patched: NCSC-2025-0085 Explained

On March 12, 2025, Ivanti announced the resolution of a critical vulnerability in its Ivanti Secure Access...

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

Exploitation
Threat Intelligence

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

Autodesk has recently addressed multiple vulnerabilities in its AutoCAD software, a critical tool used by architects, engineers,...

Posts pagination

Previous 1 … 27 28 29 30 31 32 Next

cybersecurity

HotPage Adware Exploits Microsoft-Signed Driver to Target Chinese Gamers

GoldenJackal APT Breaches Air-Gapped Government Systems in Sophisticated Cyberespionage Campaign

Telekopye Cybercriminals Now Target Booking.com and Airbnb Users in Sophisticated Hotel Scams

ESET APT Activity Report Q2-Q3 2024: Key Trends in State-Sponsored Cyber Threats

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

Cybersecurity Never Takes a Holiday: Protecting Your Business 24/7

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

Critical Next.js Vulnerability (CVE-2025-29927) Exposes Websites to Authorization Bypass Attacks

Ivanti Secure Access Client Vulnerability Patched: NCSC-2025-0085 Explained

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

You may have missed

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates