Blog
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
Two critical security flaws in CasaOS personal cloud software allowed attackers to bypass authentication and gain full access to the system, posing a significant cyber threat.
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
Two critical security flaws in CasaOS personal cloud software allowed attackers to bypass authentication and gain full access to the system, posing a significant cyber threat.
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
Two critical security flaws in CasaOS personal cloud software allowed attackers to bypass authentication and gain full access to the system, posing a significant cyber threat.
Researchers Warn of Increased Malware Delivery via Fake Browser Updates
The threat group behind the SocGholish campaigns is likely responsible for the ClearFake malware delivery campaign, which uses compromised WordPress sites to push malicious fake browser updates.
Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure. Discord, in recent...
Critical Vulnerabilities Expose Weintek HMIs to Attacks
The US cybersecurity agency, CISA, has warned organizations about critical vulnerabilities found in a human-machine interface (HMI) product made by the Taiwan-based Weintek. The impacted product is used globally, including in critical manufacturing.
Operators Behind Worldwide Linux XorDDoS Campaign Evolve Their Attack Infrastructure
The attackers behind the XorDDoS campaign have migrated their offensive infrastructure to legitimate public hosting services, making it harder to block their command and control (C2) traffic.
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked...
Knight Ransomware Group Claims Cyberattack on BMW Munique Motors
The Knight group threatened to release stolen files and provided countdown links. However, the parent company, BMW, has not confirmed the attack. The website for BMW Munique Motors is still operational.
Multiple Vulnerabilities in South River Technologies’ Titan MFT and Titan SFTP Servers Fixed
These include authenticated remote code execution via "zip slip" and WebDAV path traversal, session fixation on the remote administration server, information disclosure via path traversal on FTP, and information disclosure in the admin interface.
FREE GUIDE