Featured
Bootkitty: First UEFI Bootkit Malware Targeting Linux Systems Discovered

Security researchers have identified Bootkitty, a groundbreaking UEFI bootkit malware specifically designed to target Linux systems. This proof-of-concept malware can disable kernel signature verification and persist through OS reinstallation, marking a concerning evolution in firmware-level threats.

Critical Vulnerabilities in WordPress Anti-Spam Plugin Put 200,000 Sites at Risk

Two severe security flaws discovered in the Anti-Spam by CleanTalk WordPress plugin could allow attackers to gain unauthorized control of over 200,000 websites. The developer has released patches while security researchers implement protective measures for affected installations.

Ransomware Attack Forces Hoboken City Hall Shutdown and Service Disruptions

A cyber attack on Wednesday paralyzed Hoboken's municipal operations, forcing City Hall closure and suspension of multiple city services. While garbage collection and recreation programs continue, officials are investigating the ransomware incident alongside technical teams working to restore compromised systems.

Russian Hacking Group RomCom Exploits Firefox Zero-Days in Sophisticated Attack Campaign

A Russian cybercrime group has launched major attacks across Europe and North America by exploiting critical Firefox and Tor Browser vulnerabilities. The sophisticated campaign infected systems through maliciously crafted websites, demonstrating RomCom's advanced capabilities and evolving tactics.

Critical VPN Client Vulnerabilities Allow Attackers to Deploy Malware Through Fake Servers

Security researchers have discovered severe flaws in Palo Alto Networks' GlobalProtect and SonicWall's NetExtender VPN clients that enable attackers to execute malicious code through rogue VPN servers. The vulnerabilities could allow credential theft and system compromise through unauthorized software updates with elevated privileges.

D-Link Refuses Security Patches for 60,000 Vulnerable DSL Modems

D-Link announces it won't patch critical security vulnerabilities affecting 60,000 DSL6740C modems still in use, leaving users exposed to potential cyberattacks. Multiple severe flaws were discovered, including unauthorized password changes and remote code execution vulnerabilities.

Major Retailers Face Disruption as Blue Yonder Hit by Ransomware Attack

A significant ransomware attack on supply chain software provider Blue Yonder has impacted operations at Starbucks and major UK supermarkets. The incident highlights the widespread effects of cyber attacks on supply chain services, forcing companies to implement manual workarounds while recovery efforts continue.

U.S. Army Soldier Suspected in Snowflake Cloud Storage Extortion Campaign

A hacker known as 'Kiberphant0m', suspected to be an active U.S. Army service member in South Korea, has been linked to multiple data breaches and extortion attempts targeting Snowflake cloud storage customers. The investigation revealed multiple online personas and connections to various cybercrime activities including AT&T data theft and DDoS attacks.

Zero-Click Attack: RomCom Hackers Chain Firefox and Windows Flaws in Sophisticated Campaign

Russian-aligned RomCom hackers exploited two zero-day vulnerabilities in Firefox and Windows to silently compromise systems across Europe and North America. The sophisticated attack required no user interaction, highlighting the growing capabilities of state-sponsored threat actors.