+84949482065
Canon has published a security advisory disclosing a critical vulnerability in drivers for "production printers, office/small office multifunction printers and laser printers." CVE-2025-1268, CVSS score 9.4, would allow an attacker…
Researchers at Infoblox have published a report describing a Phishing-as-a-service (PhaaS) kit observed in use since 2020, that has grown in complexity and among other capabilities now abuses domain name…
Last weekend, several DrayTek routers appeared to be stuck in reboot loops. DrayTek advises disconnecting the WAN and trying to upgrade the firmware, adding that users should "try the TFTP…
A critical unauthenticated HTTP(S) port access vulnerability in CrushFTP "could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them)." The flaw…
The UK Information Commissioner’s Office has fined IT and software services company Advanced Computer Software Group Ltd nearly £3.1 million (US $4 million) over a ransomware attack that "put the…
The US Federal Bureau of Investigation’s (FBI’s) Internet Crime Complaint Center (IC3) has published an alert warning that threat actors have been sending letters to C-suite executives, claiming that ransomware…
Mandiant discovered custom TinyShell backdoors on Juniper Networks’ Junos OS routers, attributed to the China-nexus espionage group UNC3886. The attacks affected routers running EOL hardware and software. More https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers
A new ransomware variant, Elysium, linked to the Ghost ransomware family, has been targeting critical infrastructure, healthcare, and government sectors by exploiting vulnerabilities in outdated applications. Read here https://www.netskope.com/blog/analyzing-elysium-a-variant-of-the-ghost-cring-ransomware-family
A new Android surveillance tool called KoSpy has been discovered, which is linked to the North Korean APT group ScarCruft. KoSpy was distributed through the Google Play Store and Firebase…
Researchers at CTM360 warned of a new PlayPraetor malware campaign targeting Android users through fake Google Play Store sites, tricking them into downloading the banking trojan via malicious APK files.…
