A hacking group from Iran called Charming Kitten has been trying to spy on cybersecurity experts in Israel. This group is known by other names too, like APT35, APT42, and Phosphorus. Security researchers believe it is backed by the Iranian government, and it has been active for years targeting people and organizations around the world. … Continued
A major security issue has been discovered in millions of Brother printers. Researchers from Rapid7 found that these printers have eight different security flaws, and one of them is extremely serious. This particular flaw allows anyone to figure out the device’s administrator password without logging in. It has been given a critical severity score of … Continued
A new cyberattack campaign linked to North Korea has been discovered, and it is targeting developers through the npm package manager. Researchers at Socket have identified 35 malicious packages that were uploaded to npm with the goal of stealing sensitive data from developers. The attack is part of a long-running operation known as the “Contagious … Continued
SonicWall has issued an important alert about a dangerous fake version of its VPN software, NetExtender. This software is normally used by people to safely connect to their office, school, or private networks from outside. But in this case, hackers created a copy of the software that looks almost the same as the original, and … Continued
Hackers are now targeting exposed Docker APIs to secretly mine cryptocurrency on vulnerable systems, and they’re using the Tor network to cover their tracks. This new cyberattack campaign has caught the attention of security researchers, who say it’s currently affecting cloud-based systems across industries like tech, finance, and healthcare. What’s surprising is that the attackers … Continued
The U.S. House of Representatives has decided to ban the use of WhatsApp on all government-issued devices. This move comes after the House Office of Cybersecurity labeled the messaging app as a “high-risk application” due to concerns around data protection and transparency. In a recent internal memo, the House told all congressional staffers that they … Continued
A Chinese state-sponsored hacking group named Salt Typhoon has been linked to a cyberattack on a Canadian telecommunications company. This group used a serious vulnerability in Cisco networking equipment to carry out the attack. The incident was confirmed by the Canadian Centre for Cyber Security (CCCS) and the FBI. The hackers targeted Cisco IOS XE … Continued
A well known Russian hacking group named APT28, also known as Fancy Bear, has started using Signal, a private messaging app, to deliver malware to Ukrainian government systems. This method is unusual because Signal is considered one of the most secure apps in the world. It’s mostly used by journalists, government officials, and cybersecurity professionals … Continued
Security researchers have discovered two critical vulnerabilities in Amazon Elastic Kubernetes Service (EKS) that could allow attackers to access AWS credentials and escalate privileges. These flaws come from how container permissions are configured in certain scenarios and show how small misconfigurations can lead to serious security risks. Amazon EKS is a managed service by AWS … Continued
Recently, the largest steel producer in the United States, Nucor Corporation, confirmed that it was hit by a cyberattack where hackers stole company data. This incident forced the company to shut down some of its systems and also led to temporary production delays at multiple locations. The attack was made public in a document filed … Continued
