The cyber threat group known as Space Pirates has recently launched a sophisticated campaign targeting Russian information technology (IT) firms. This operation involves deploying a previously undocumented malware called LuckyStrike Agent. Solar, the cybersecurity division of Rostelecom, a state-owned telecom…
Cryptocurrency exchange Bybit announced on Friday that it fell victim to a “sophisticated” cyberattack, resulting in the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets. This incident marks the largest single crypto…
Apple has announced the immediate removal of its Advanced Data Protection (ADP) feature for iCloud in the United Kingdom. This decision follows government demands for backdoor access to encrypted user data. Bloomberg first reported this significant development. What is Advanced…
Russian threat actors have launched sophisticated phishing campaigns that exploit the legitimate “Linked Devices” feature in the Signal messaging app. These attacks aim to gain unauthorized access to accounts of interest, particularly targeting individuals associated with military and governmental operations.…
In a recent security audit, significant vulnerabilities were uncovered in SimpleHelp, a remote support software that has been gaining popularity among users. Conducted by Horizon3, the audit revealed three critical security flaws that could potentially compromise both SimpleHelp servers and…
Cybersecurity experts raise alarms as attackers exploit a critical authentication bypass vulnerability (CVE-2024-53704) in SonicWall firewalls. This flaw affects the SSLVPN authentication mechanism and poses a significant risk to organizations using vulnerable SonicOS versions. With proof-of-concept (PoC) exploit code now…
Google is rolling out a new feature in Android designed to block fraudsters from manipulating device settings during phone calls. This important security measure, currently available in Android 16 Beta 2, aims to protect users from common tactics employed by…
In a concerning development for cybersecurity, threat actors have exploited a zero-day vulnerability in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) products. Additionally, they have taken advantage of a previously unknown SQL injection flaw in PostgreSQL. Rapid7 uncovered…
On the latest Patch Tuesday, Microsoft rolled out critical updates to address 63 security vulnerabilities across its software products. Among these, two vulnerabilities have emerged as actively exploited in the wild, highlighting the urgency for users and organizations to apply…
Brave Browser is set to enhance user interaction with the web through its upcoming version 1.75 for desktop, which introduces a feature called ‘custom scriptlets.’ This addition allows advanced users to inject their own JavaScript directly into websites, offering a…