Latest Cybersecurity News and Articles


New Octo Android Malware Version Impersonates NordVPN, Google Chrome

01 October 2024
With enhancements like reduced data transmissions, dynamic code loading, and push notification blocking, Octo2 poses a significant threat to Android users and underscores the continued development of mobile malware.

Critical GiveWP Flaw Puts 100k WordPress Sites at Risk

01 October 2024
The flaw allows attackers to execute code remotely by injecting a malicious PHP object due to improper handling of input during deserialization. This flaw is similar to CVE-2024-5932 but bypasses certain checks, making it even more dangerous.

Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

01 October 2024
Rhadamanthys, an advanced information stealer, has introduced innovative AI capabilities in version 0.7.0, allowing it to extract cryptocurrency seed phrases from images using optical character recognition (OCR).

Critical SolarWinds Flaw Exposes 827 Instances, PoC Exploit Unveiled

01 October 2024
Security researcher Zach Hanley from Horizon3.ai discovered hardcoded credentials in the software, allowing unauthenticated access to sensitive IT support data, like password resets and shared service account credentials.

Patchwork APT Group Unleashes Nexe Backdoor for Cyber Espionage

01 October 2024
The group ensures persistence by creating scheduled tasks, and employs cryptographic methods like SHA256 hashing and the Salsa20 algorithm to transmit sensitive data to a command and control server named iceandfire[.]xyz.

Fake League of Legends Download Ads Spread Lumma Stealer

01 October 2024
Fake ads are spreading Lumma Stealer malware, targeting fans of the League of Legends World Championship. Cybercriminals are capitalizing on the event hype to trick unsuspecting gamers into downloading a malicious game version.

Sophisticated RAT Hides Behind P. Diddy Scandal Lures

01 October 2024
This malware, known as "PdiddySploit," poses serious security threats to individuals and organizations. The attackers are luring the public with promises of revealing deleted X posts related to Combs on social media platforms.

Old Vulnerability Rated 9.9 Impacts All GNU/Linux Systems, Researcher Claims

01 October 2024
Researcher Simone Margaritelli has uncovered a critical vulnerability that has been present in GNU/Linux systems for over a decade, scoring a 9.9 out of 10 for severity. This flaw allows attackers to gain complete control of vulnerable devices.

Phishing Attacks on Australia Disguised as Atlassian

01 October 2024
Mimecast highlighted a noticeable increase in the use of Atlassian to evade detection. The attackers utilized postmark URLs to gather data intelligence, including location and browser details.

DragonForce Ransomware Expands RaaS, Targets Firms Worldwide

01 October 2024
The DragonForce group utilizes dual ransomware variants, including one based on LockBit 3.0 and another on ContiV3, to target industries like manufacturing, real estate, and transportation.

PoC Exploit Shows Local Privilege Escalation Risk in Linux

01 October 2024
Researchers disclosed a critical privilege escalation vulnerability, CVE-2024-26808, in the Linux kernel affecting versions from v5.9 to v6.6. The flaw is in the Netfilter component, allowing root access by manipulating memory allocation.

Critical XSS Flaw Discovered in Filament Necessitates Urgent Update for Laravel Developers

01 October 2024
A critical XSS flaw (CVE-2024-47186) has been found in Filament, a popular Laravel development tool. The vulnerability affects versions 3.0.0 to 3.2.114, putting at risk applications that render unvalidated ColorColumn or ColorEntry values.

Multiple Vulnerabilities Discovered in PHP, Prompting Urgent Security Updates

01 October 2024
Key vulnerabilities include log manipulation in PHP-FPM (CVE-2024-9026), bypassing redirect configurations (CVE-2024-8927), CGI parameter injection vulnerability (CVE-2024-8926), and erroneous parsing of multipart form data (CVE-2024-8925).

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials

01 October 2024
More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it's being used by a large number of cybercriminals to conduct credential theft. "For prospective phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages," Palo Alto Networks Unit 42 researchers Shehroze Farooqi,

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet

01 October 2024
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to "use Docker Swarm's orchestration features for command-and-control (C2) purposes," Datadog researchers Matt Muir and Andy Giron said in an analysis. The attacks

Recognizing National Cybersecurity Awareness Month in 2024

01 October 2024
During National Cybersecurity Awareness Month, cybersecurity experts are reflecting on prominent threats and how they can be mitigated. 

U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails

30 September 2024
The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related to securities fraud, wire fraud, and five counts of computer fraud. According to the court

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

30 September 2024
A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man's alleged targets were members of UGNazi, a hacker group behind multiple high-profile breaches and cyberattacks back in 2012.

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 23-29)

30 September 2024
Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android. But it wasn't all good news – Kaspersky's forced exit from the US market left users with more

Facebook retains consumer data for 180 days post account deletion

30 September 2024
A study found that Meta (Facebook, Instagram and Facebook Messenger), YouTube and Discord keep users’ data for 180 days after they have deleted their accounts.