Cyber Security

A recently discovered vulnerability in Microsoft's Windows Hello for Business (WHfB) authentication system allowed attackers to bypass the supposedly phishing-resistant login method, raising concerns about the security of this widely adopted passwordless solution. This flaw...

A financial institution in the Middle East endured a record-breaking Distributed Denial of Service (DDoS) attack for six days. The attack, orchestrated by the hacktivist group SN_BLACKMETA, set a new benchmark for the duration...

A critical security vulnerability has been discovered in the Progress® Telerik® Report Server, potentially allowing attackers to execute remote code on affected systems. The flaw, identified as CVE-2024-6327, has been assigned a CVSS score...

GitLab has released new Community Edition (CE) and Enterprise Edition (EE) versions to address multiple vulnerabilities. Among these, a high-severity cross-site scripting (XSS) vulnerability has garnered particular attention due to its potential to allow attackers...

A new tool known as the Darkgate Autoit Converter Crypter has emerged on the dark web. This sophisticated malware is designed to bypass Windows Defender and most other antivirus programs, posing a significant threat...

A new malware loader named "Krampus" has surfaced on the dark web, gaining rapid popularity among threat actors. The loader was announced on a dark web forum by a threat actor, as reported by...

A new threat actor, TAG-100, has emerged and is actively targeting government and private sector organizations worldwide and initiates its attacks by exploiting vulnerabilities in internet-facing devices, such as Citrix NetScaler and F5 BIG-IP,...

A critical security vulnerability in Docker Engine has been discovered, potentially allowing attackers to bypass authentication and gain unauthorized access to systems. The vulnerability, identified as CVE-2024-41110, affects multiple versions of Docker Engine and...

A massive data breach involving ClickBalance, one of Mexico's largest Enterprise Resource Planning (ERP) technology providers, has been uncovered by cybersecurity researcher Jeremiah Fowler. The breach exposed a staggering 769,333,246 records, totaling 395 GB...

A critical security bypass vulnerability, tracked as CVE-2024-21412, has been identified in Microsoft Windows SmartScreen. This flaw arises from an error in handling maliciously crafted files, allowing remote attackers to bypass SmartScreen security warnings...