CoinLurker is an advanced data-stealing malware that has revolutionized fake update campaigns. Written in the Go programming language, CoinLurker utilizes obfuscation and anti-analysis techniques, enabling it to evade detection and carry out stealthy cyberattacks. According to Morphisec’s report, CoinLurker has…
Hackers used the Microsoft Teams platform to trick a victim into granting remote access to their system. This attack, analyzed by Trend Micro, showcases the increasing complexity of social engineering tactics employed by cybercriminals. The attack unfolded in several stages:…
Recent data has revealed a sharp rise in attacks targeting Remote Desktop Protocol (RDP) services, with a specific focus on port 1098 Over the past two weeks, honeypot sensors have recorded more than 740,000 daily scans from distinct IP addresses.…
A security vulnerability (CVE-2024-53247) has been discovered in the Splunk Secure Gateway app and the Splunk Enterprise platform. This vulnerability enables attackers with low-level user privileges to execute arbitrary code remotely, posing a significant threat to system security. Details of…
Apache Struts 2, an open-source platform widely used in web applications, has been found to contain a new security vulnerability (CVE-2023-50164). This vulnerability allows attackers to upload and execute malicious files on the server, posing a serious threat to the…
Google has released a security update for the Chrome browser, addressing three high-severity vulnerabilities that could expose users to serious risks. The update, version 131.0.6778.139/.140 (for Windows and Mac) and 131.0.6778.139 (for Linux), is being rolled out gradually, and it…
A newly identified critical vulnerability in the Windows Common Log File System (CLFS) driver — CVE-2024-49138 — poses a serious threat, having already been exploited in cyberattacks. This issue represents a significant risk to Windows systems. Overview of the Vulnerability…
SAP has released security updates to address critical vulnerabilities discovered in the SAP NetWeaver Application Server for Java. These vulnerabilities, particularly within the Adobe Document Services component, enable attackers to upload malicious PDF files, posing significant threats to corporate data…
A new security vulnerability has been discovered in the Gutentor plugin for WordPress. This issue allows attackers to inject malicious scripts into the site. The script automatically executes whenever a compromised page is opened, posing a significant risk to website…
Veeam, a leading technology company in data backup and system recovery, has recently identified two significant vulnerabilities in its Service Provider Console (VSPC) software. Among these, a critical Remote Code Execution (RCE) vulnerability poses a severe threat to system security.…