22/68 Thursday, January 16, 2025 A new malware campaign has compromised more than 5,000 WordPress websites, creating fake admin accounts, installing malicious plugins, and stealing sensitive information. Researchers from the cybersecurity firm c/side discovered that the malware uses the domain wp3[.]xyz to exfiltrate data to the attackers’ server. After successfully breaching a system, the malicious […]
21/68 Thursday, January 16, 2025 President Joe Biden has signed a landmark executive order aimed at supporting the development of artificial intelligence (AI) infrastructure. The order emphasizes the establishment of advanced AI data centers powered by renewable energy sources, such as wind and solar, to meet the growing demands of industries widely adopting AI. Federal […]
20/68 Wednesday, January 15, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has added new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. One of the vulnerabilities is CVE-2024-12686, an OS Command Injection vulnerability with a CVSS severity score of 6.6, found in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS). This vulnerability allows […]
19/68 Wednesday, January 15, 2025 Researchers from Trend Micro have disclosed that cyber attackers are targeting individuals searching for pirated software or cracked programs by using trusted platforms like YouTube and Google as tools for deception. The attackers create tutorial videos guiding users on how to install software, embedding download links in the video comment […]
18/68 Tuesday, January 14, 2025 The pro-Russia hacker group NoName057(16) launched Distributed Denial-of-Service (DDoS) attacks on Italian government agencies, critical infrastructure, and private organizations last week. The attacks followed Ukrainian President Volodymyr Zelensky’s visit to Rome, during which Italian Prime Minister Giorgia Meloni pledged full support for Ukraine in both defense and peace efforts. The […]
17/68 Tuesday, January 14, 2025 Cybercriminals are employing a new deception technique to bypass Apple iMessage’s anti-phishing system, which automatically disables links in messages from unknown senders, whether from email addresses or phone numbers. By tricking users into replying to the message or adding the sender to their contact list, the links become active, placing […]
16/68 Monday, January 13, 2025 Telefónica, a Spanish telecommunications giant, has confirmed that its internal ticketing system was hacked after stolen data was published on a hacking forum. The company revealed that it has blocked access to the system and is conducting a thorough investigation into the incident. Telefónica, one of Spain’s largest multinational telecommunications […]
15/68 Monday, January 13, 2025 Fortinet, a leading cybersecurity company, has issued a warning about a new phishing campaign that deceives PayPal users by using highly convincing links that appear legitimate to gain unauthorized access to user accounts. The phishing emails are meticulously crafted to mimic genuine PayPal notifications, including details such as payment information, […]
14/68 Friday, January 10, 2025 SonicWall has urged its customers to promptly upgrade the SonicOS firmware of their firewalls to mitigate an authentication bypass vulnerability identified as CVE-2024-53704, with a CVSS score of 8.2. This vulnerability affects the SSL VPN and SSH management features, posing a significant risk to users who have enabled these features. […]
13/68 Friday, January 10, 2025 Ivanti, a provider of cybersecurity solutions, has disclosed the exploitation of a zero-day vulnerability identified as CVE-2025-0282 in its Ivanti Connect Secure product. This vulnerability allows hackers to execute remote code and install malware on affected systems. CVE-2025-0282 is classified as a critical buffer overflow vulnerability with a severity score […]
