New JavaScript Attack Hijacking Government And University Websites
A sophisticated client-side JavaScript attack has compromised over 500 websites, including high-profile government and university domains.
The malicious campaign, which injects hidden links into the Document Object Model (DOM), is believed to be part of...
Memory-Based Attacks: How Fileless Malware Operates Without Leaving A Trace
Threat actors are always developing new and more effective approaches to system breaches in the perpetually shifting field of cybersecurity.
From basic computer viruses to the sophisticated persistent dangers of today, malware has developed extremely...
Threat Actors Abusing Cloudflare Workers Service To Deliver Weaponized Application
A sophisticated attack campaign leveraging Cloudflare's Workers service to distribute malicious applications disguised as legitimate software.
The Computer Emergency Response Team of Ukraine (CERT-UA) reported on December 17, 2024, that several web resources imitating...
FBI Warns Of HiatusRAT Attacking Web Cameras & DVRs To Gain Full Access
The Federal Bureau of Investigation (FBI) has issued a Private Industry Notification (PIN) alerting cybersecurity professionals and system administrators about a new threat targeting web cameras and digital video recorders (DVRs).
The malware, known...
“Rockstar 2FA” Phishing-as-a-Service Steals Microsoft 365 Credentials Via AiTM Attacks
Cybersecurity researchers have identified a concerning link between the advanced phishing toolkit known as 'Rockstar 2FA' and a surge in adversary-in-the-middle (AiTM) phishing attacks.
Highly advanced methods are used in these campaigns to trick people...
Active Directory Certificate Services Vulnerability Let Attackers Escalate Privileges
A critical vulnerability in Microsoft's Active Directory Certificate Services (AD CS) that could allow attackers to escalate privileges and potentially gain domain admin access.
This new exploit, dubbed ESC15 or "EKUwu," was discovered by...
New Elpaco Ransomware Actors Connect Via RDP To Deploy Ransomware
Elpaco ransomware, a Mimic variation, has been identified where attackers were able to connect via RDP to the victim's server following a successful brute force attack and subsequently execute the ransomware.
The variant abuses the...
Teaching AI to Hack: Researchers Demonstrate ChatGPT’s to Ethically Hack Linux & Windows
In a new study released today, researchers have demonstrated the significant potential of artificial intelligence (AI) in enhancing ethical hacking practices, particularly in Linux environments.
The study, conducted by Haitham S. Al-Sinani from the...
Recent Posts
Hackers Attacking Exposed Jupyter Notebooks To Deliver Cryptominer
A novel cryptomining campaign has been identified that exploits misconfigured Jupyter Notebooks, targeting both Windows and Linux systems.
The attack leverages exposed instances of Jupyter...