SUMMARY A new malware campaign was recently identified that targets Linux environments, focusing on crypto-mining and botnet malware...
Threat Advisories
Cisco Smart Licensing Utility Vulnerability
SUMMARY Cisco recently addressed two critical vulnerabilities (CVE-2024-20439 and CVE-2024-20440) in the Cisco Smart Licensing Utility (CSLU),...
SonicWall Firewall Vulnerability
SUMMARY SonicWall’s self-disclosed critical security vulnerability in SonicOS is now under active exploitation. Available updates should be...
Cicada3301 Ransomware Targeting Linux-Based ESXi Servers
SUMMARY A ransomware-as-a-service (RaaS) operation is posing as the legitimate Cicada 3301 organization and has already listed 19 victims on...
Voldemort Malware Exploiting Google Sheets
SUMMARY A new malware campaign was recently identified, which leverages Google Sheets as a command-and-control (C2) platform. This campaign...
Critical Vulnerability in SonicWall Firewalls Allows Unauthorized Access
SUMMARY SonicWall issued patches for a critical vulnerability (CVE-2024-40766) affecting its firewalls. The flaw could allow unauthorized...
Lazarus Group Exploits Windows Driver Zero-Day to Deploy Rootkit
SUMMARY The Lazarus hacking group exploited a zero-day vulnerability in the Windows AFD.sys driver (CVE-2024-38193) to elevate privileges and...
PEAKLIGHT Dropper Exploits Windows Systems via Pirated Movie Downloads to Deliver Malware
SUMMARY A novel dropper that launches PowerShell-based malware to infect Windows systems has been identified, which is distributed through...
Critical Kubernetes Flaw Exposes Clusters to Command Injection Attacks
SUMMARY A critical Kubernetes vulnerability allows attackers to execute command injection attacks, affecting default installations across...
OpenVPN Vulnerabilities Lead to RCE and LPE
SUMMARY Microsoft reported four medium-severity vulnerabilities in OpenVPN that could be combined to enable remote code...
