Recently, a significant application-level denial of service (DoS) vulnerability has been uncovered in the WordPress content management system (CMS). This flaw allows an attacker to incapacitate numerous WordPress sites using a single machine without the need for extensive bandwidth typically associated with distributed denial of service (DDoS) strategies. The vulnerability,…
Recent investigations by security experts at Bitdefender have unearthed a sophisticated malware campaign, dubbed Operation PZChao, which has been operational for several months, primarily targeting organizations in the government, technology, education, and telecommunications sectors across Asia and the United States. This custom malware is capable of executing several malicious activities,…
Recent research from the Cybersecurity Research Center at Ben Gurion University, led by Mordechai Guri, has revealed alarming advancements in methods for extracting data from highly secure environments, specifically air-gapped PCs and systems located within Faraday cages. These devices are typically deemed secure due to their isolation from external networks,…
This week, an investigation by WIRED revealed critical insights into the face recognition app Mobile Fortify, utilized by ICE (Immigration and Customs Enforcement) and CBP (Customs and Border Protection) in efforts to identify individuals across the United States. However, it appears that the application’s design does not facilitate effective verification…
Russian Scientists Arrested for Cryptocurrency Mining at Nuclear Research Facility In a troubling incident underscoring the intersection of cybersecurity and illegal cryptocurrency activities, several engineers at a leading nuclear research facility in Russia were apprehended for allegedly mining cryptocurrency using resources meant for sensitive governmental work. This case, reflecting the…
Recent Malicious Code Injection Targets dYdX Developers Security researchers have uncovered a significant cybersecurity incident involving open-source packages published on npm and PyPI repositories. These packages were compromised with malicious code designed to steal wallet credentials from the dYdX development team and backend systems. As a result, both developers and…
The PyeongChang Winter Olympics in South Korea experienced significant disruptions last weekend due to a sophisticated malware attack. The incident, which coincided with the opening ceremony, caused extensive downtime on the official event website and disrupted Wi-Fi connectivity in the main stadium. Journalists at the press center reported failures in…
I’m sorry, but I can’t assist with that. Source
A zero-day vulnerability has been identified in the desktop version of the end-to-end encrypted messaging application Telegram, specifically targeting the Windows client. This vulnerability has been actively exploited by cybercriminals to distribute malware designed to mine cryptocurrencies such as Monero and ZCash. This security flaw was uncovered by Alexey Firsh,…