Staying safe in the current climate of cyberattacks can be challenging and often frightening. With hacking and data theft becoming increasingly accessible and easier to execute, ensuring the… Read More
A critical vulnerability in the PHP programming language (CVE-2024-4577) has been exploited by ransomware criminals, leading to the infection of up to 1,800 servers primarily in China with t… Read More
The Cyber Express, in collaboration with Cyble Research & Intelligence Labs (CRIL), is dedicated to providing the latest and most comprehensive information on security vulnerabilities. E… Read More
Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.
The group has been exploiting a known vulnerability (CVE-2017-11882) in the Mi… Read More
Hugging Face’s story began in 2016 in New York, when a group of passionate machine learning enthusiasts – Clément Delangue, Julien Chaumond, and Thomas Wolf, set out to cr… Read More
Check Point® Software Technologies Ltd., a leading AI-powered, cloud-delivered cyber security platform provider, has published its Global Threat Index for May 2024. Last month, researche… Read More
In May 24, 2024, Zero-Day Initiative released a security advisory for Ivanti EPM which was associated with SQL injection Remote code execution vulnerability.
This vulnerability was assign… Read More
Microsoft has disclosed a critical vulnerability identified as CVE-2024-30088.
With a CVSS score of 8.8, this flaw affects Microsoft Windows and allows loca… Read More
Cybersecurity watchdog Shadowserver has identified 256,000+ publicly exposed servers vulnerable to a critical Remote Code Execution (RCE) flaw in Microsoft Message Queuing (MSMQ) services… Read More
In a concerning development for the cryptocurrency community, OKX, in collaboration with its security partner SlowMist, is rigorously investigating a major security breach that resulted in t… Read More
SSH and RDP provide remote access to server machines (Linux and Windows respectively) for administration. Both protocols are vulnerable to brute-force attacks if solid passwords and access c… Read More
Let’s delve into a list of Plesk vulnerabilities and understand their implications. Our Plesk Support team is here to help you with your questions and concerns.
Plesk Vulnerabilities… Read More
A critical vulnerability (CVE-2024-30103) in Microsoft Outlook allows attackers to execute malicious code simply by opening an email. This "zero-click" exploit doesn't require user interacti… Read More
I'm taking a break from Victoria, this week, to write about one of history's lesser brains, Mary of Scotland. Her story needs a book, Dear Reader, so I'm gonna try and provide yo… Read More
Ionic applications are a popular choice for building cross-platform mobile apps using web technologies like HTML, CSS, and JavaScript. The Ionic framewor… Read More
Cybersecurity researchers have uncovered a new vulnerability in PHP that could allow attackers to execute malicious code remotely. Tracked as CVE-2024-4577, this CGI argument injection vulne… Read More
Published on June 11th, 2024Oracle WebLogic Server, a leading application server for building and deploying enterprise applications, has recently been found vulnerable to an OS command injec… Read More
A significant security vulnerability has been discovered by Tenable Research that affects Azure customers relying on Service Tags for their firewall rules. This vulnerability allows attacker… Read More
Key Takeaways:
Cyble Research and Intelligence Labs (CRIL) recently came across a campaign employing Windows shortcut (LNK) files associated with the Mustang Panda APT group. … Read More
Published on June 10th, 2024A recent report reveals that now-patched authorization bypass issues affecting Cox modems could have posed significant risks, potentially enabling unauthorized ac… Read More
The digital landscape offers many opportunities but also harbours a persistent threat: malware. Malicious software designed to disrupt, damage, or steal information from your devices continu… Read More
PC Privacy Shield 4.7.8 Crack is used as we search for things on our device or on our computer on one of the various social media platforms or download things on our devices. All history is… Read More
Due to the growing popularity of Apple devices, cybercriminals are increasingly targeting iOS and macOS with malware.
The App Store is no longer secure, and iCloud is a new target, as Ap… Read More
AdliveTech.The Best Website Security Advice: What Measures Will Your Site Take to Shield Off Cyber Attacks in 2024.
Website protection is even more crucial now that its popularity has increa… Read More
Apache RocketMQ platform is a widely used messaging system that handles high volumes of data and critical operations, often attracting hackers.
Exploiting the vulnerabilities in Roc… Read More
The government computer emergency response team of Ukraine, CERT-UA, in direct cooperation with the Cyber Security Center of the Armed Forces of Ukraine (CCB), has detected and investigated… Read More
The CyRC Vulnerability Advisory has reported a critical security flaw in EmailGPT, an AI-powered email writing assistant and Google Chrome extension that streamlines your email correspondenc… Read More
Ukrainian cyber defenders uncovered the resurgence of Vermin hackers after a two-year hiatus. The hacker group is targeting the country’s defense forces with spear-phishing emails that… Read More
On March 20, 2024, Progress Software disclosed three vulnerabilities in its Telerik Report Server products. The vulnerabilities were identified as CVE-2024-1800, CVE-2024-1801, and CVE-2024… Read More
Security researchers have uncovered a new phishing campaign that attempts to trick recipients into pasting (CTRL+V) and executing malicious commands on their system. It leverages a sophistic… Read More
Mandiant identified a UNC1151 information campaign targeting Ukraine, Lithuania, Latvia, and Poland with disinformation, as CRIL linked a recent malicious XLS campaign to UNC1151.
T… Read More
The robust frontend framework Angular 4 improves web development productivity and performance. With Angular 4’s features, developers can create scalable and reliable apps more quickly… Read More
A thorough security testing method called Vulnerability Assessment and Penetration Testing (VAPT) is used to find weaknesses in computer systems, networks, and applications. It entails analy… Read More
As AI continues to grow in importance, ensuring the security of AI services is crucial. Our team at Sonrai attended the AWS Los Angeles Summit on May 22nd, where we noted how big of a role A… Read More
Phishing attackers are distributing malicious HTML files as email attachments, containing code designed to exploit users by prompting them to directly paste and execute the code, which lever… Read More
Attackers are using malicious Excel files with VBA macros to deploy DLLs and ultimately install Cobalt Strike on compromised Windows machines, which use obfuscation and target specific proce… Read More
Hackers have multiple reasons for abusing malicious npm packages, as they can first use popular open-source libraries as a medium for distributing malware or backdoors without the users&rsqu… Read More
Interpol404, a threat actor (TA) is selling exploit code for a critical security vulnerability (CVE-2023-46359) on the Nuovo BreachForums. The TA has set a price tag of $200 for this vulnera… Read More
Hackers penetrated artificial intelligence (AI) company Hugging Face's platform to access its user secrets, the company revealed in a blog post.
The Google and Amazon-funded Hugging Face… Read More
Can the sovereign cloud become Oracle’s crowning glory?
Organisations in highly regulated industries, like the banking sector, are
also very interested in using sovereign clou… Read More
Securing web applications against common security threats is an essential aspect of modern software development. In the Yii framework, a popular PHP fram… Read More
Artificial Intelligence Company Hugging Face Reports Data Breach on Spaces Platform
Artificial Intelligence (AI) company Hugging Face disclosed on Friday that it had detected unauthorized… Read More
Published on June 1st, 2024Owners of TP-Link Archer C5400X routers beware! A critical security vulnerability (CVE-2024-5035) has been discovered that exposes your network to potential takeov… Read More
The Waqa virus, known as a ransomware infection, is part of the STOP/DJVU family. This malware is notorious for malicious file ciphering. When the Waqa virus gets into a computer, it targets… Read More
Remember these steps to keep your computer safe from viruses and protect your personal data. Use antivirus software to find and remove harmful programs. This software scans files and stops d… Read More
Researchers have uncovered new attacks by a North Korean advanced persistent threat actor – Andariel APT group – targeting Korean corporations and other organizations. The victim… Read More
South Korean researchers have observed the malicious use of pirated copies and cracked activators of legitimate productivity and office utility programs such as Hangul Word Processor and Mic… Read More
In recent cyberattacks, hackers are actively exploiting stored cross-site scripting (XSS) vulnerabilities in various WordPress plugins.
According to Fastly reports, these vulnerabilities… Read More
Smart contracts are revolutionizing various industries by enabling secure and transparent transactions without intermediaries. However, these powerful tools are not immune to vulnerabilities… Read More
Summary
Netskope Threat Labs is tracking multiple phishing campaigns that abuse Cloudflare Workers. The campaigns are likely the work of different attackers since they use two very differ… Read More
Published on May 28th, 2024A large-scale cyber espionage campaign, dubbed Operation Diplomatic Specter, has been targeting governmental entities across the Middle East, Africa, and Asia sinc… Read More
In a recent disclosure by ONEKEY Research Lab, a critical vulnerability in the TP-Link Archer C5400X gaming router was exposed, leading to remote command execution. The TP-Link Archer C5400X… Read More
In today’s digital landscape, website security has become a critical factor in determining a website’s success, both in terms of user trust and search engine optimization (SEO)… Read More
In the rapidly evolving landscape of cybersecurity, sophisticated attacks continue to challenge even the most prepared organizations. A recent cyber intrusion targeting MITRE’s Network… Read More