.png){kind=logo}
RSS
News
Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems -الأربعاء، 19 مارس 2025
Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments, that could allow malicious actors to take control of susceptible systems.
How to Improve Okta Security in Four Steps -الثلاثاء، 18 مارس 2025
Okta serves as the cornerstone of identity governance and security for organizations worldwide. However, this prominence has made it a prime target for cybercriminals who seek access to valuable corporate identities, applications, and sensitive data.
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads -الثلاثاء، 18 مارس 2025
Cybersecurity researchers have warned about a large-scale ad fraud campaign that has leveraged hundreds of malicious apps published on the Google Play Store to serve full-screen ads and conduct phishing attacks.
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking -الثلاثاء، 18 مارس 2025
A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions.
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices -الأربعاء، 12 مارس 2025
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks -الأربعاء، 12 مارس 2025
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024.
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks -الأربعاء، 12 مارس 2025
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks.
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations -الاثنين، 10 مارس 2025
Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil).
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools -الاثنين، 10 مارس 2025
A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services.
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites -الثلاثاء، 4 مارس 2025
Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc.
