cybersecurity threats
-
Water Curse: A New Threat Actor Targeting GitHub to Distribute Malware
Researchers have unveiled Water Curse, a new threat actor leveraging GitHub repositories to distribute malware. The malware enables extensive data exfiltration and remote access, underscoring the risks of supply chain attacks through legitimate platforms.
-
Critical Flaw in Veeam Backup Software Prompt Workforce Update
Veeam Software has issued critical patches for vulnerabilities in its Backup & Replication software, including a major flaw allowing remote code execution. Security experts emphasize the urgency for users to update to safeguard against potential cyber threats.
-
Scania Confirms Cybersecurity Breach Involving Compromised Credentials and Extortion Attempt
Scania has confirmed a cybersecurity breach that involved the theft of insurance claim documents using compromised credentials. The attack was followed by extortion attempts, with the attackers threatening to leak the data unless demands were met.
-
Cyberattack Disrupts Iranian State-Owned Bank Amid Escalating Tensions
A cyberattack by the group Predatory Sparrow has taken Bank Sepah offline, disrupting services amid heightened military tensions between Iran and Israel. The attack underscores the rising prominence of cyber warfare in geopolitical conflicts.
-
Security Flaw in LangChain’s LangSmith Exposes Users to Data Theft
A security flaw in LangChain’s LangSmith platform has been revealed, allowing hackers to potentially intercept sensitive user data. The vulnerability has now been patched, but researchers caution about the risks associated with such cyber threats.
-
New Flodrix Botnet Exploits Vulnerabilities in Langflow Framework
A new botnet campaign exploiting vulnerabilities in the Langflow framework has emerged, allowing attackers to deploy the Flodrix malware. Cybersecurity experts emphasize the urgency of addressing this critical security flaw.
-
Cyber Crime Crew Scattered Spider Targets US Insurance Companies Amid Ransomware Surge
A rise in ransomware attacks targeting US insurance companies has been attributed to the cybercrime group Scattered Spider, prompting warnings from Google about the necessity for heightened security measures within the industry.
-
Infoblox Exposes Links Between Cybercrime Groups and AdTech Firms
Infoblox Threat Intel has revealed a hidden alliance between cybercrime group VexTrio and legitimate AdTech companies, indicating a complex web of relationships in the digital landscape that warrants ongoing scrutiny.
-
Critical Vulnerability Discovered in ASUS Armoury Crate Software
A serious vulnerability in ASUS Armoury Crate software could allow attackers to achieve SYSTEM-level privileges on Windows machines, according to a report detailing the flaw. Users are urged to update their applications to mitigate potential risks.
-
Zoomcar Reports Data Breach Affecting 8.4 Million Users
Zoomcar Holdings has reported a data breach affecting 8.4 million users, with unauthorized access resulting in the exposure of sensitive customer information. The company is currently investigating the breach, which follows a previous incident in 2018 that compromised data of over 3.5 million users.
