Critical Vulnerability Discovered in Microsoft’s Copilot Studio Cybersecurity experts have revealed a significant security vulnerability impacting Microsoft’s Copilot Studio, raising concerns about the potential for unauthorized access to sensitive data. The flaw, designated as CVE-2024-38206 with a CVSS score of…
Cybersecurity Threat: Surveillance Tool MerkSpy Exploits Microsoft MSHTML Vulnerability Recent reports from Fortinet’s FortiGuard Labs indicate the emergence of a sophisticated surveillance tool known as MerkSpy, which is being used by unidentified threat actors to compromise systems through a now-patched…
This week, a reader expressed concern over receiving multiple notifications regarding data breaches that may impact their accounts. Over the past few months, they have reported receiving six written notices from various companies, all of which are offering complimentary identity…
GitHub has announced a series of critical security updates addressing three vulnerabilities impacting its Enterprise Server (GHES) product. Among these, one flaw is particularly severe and could potentially allow unauthorized users to obtain site administrator privileges. The vulnerability, designated as…
In a significant law enforcement initiative dubbed Operation MORPHEUS, approximately 600 servers utilized by cybercriminal syndicates were dismantled, disrupting a critical component of the infrastructure linked to the Cobalt Strike tool. This crackdown, coordinated by Europol, particularly targeted unlicensed and…
In a recent development reported by AFP, French authorities have been alerted to a potential data breach, raising concerns over the security of sensitive information. The incident underscores the continuing threat that data breaches pose to organizations across various sectors,…
Cybersecurity experts have reported a significant vulnerability within the LiteSpeed Cache plugin for WordPress, one of the platform’s most commonly used caching solutions, boasting over five million active installations. This flaw, identified as CVE-2024-28000, has the potential to enable unauthenticated…
New Botnet ‘Zergeca’ Threatens Cybersecurity Landscape with Advanced DDoS Capabilities Cybersecurity experts have identified a new botnet named Zergeca, which exhibits significant potential to launch distributed denial-of-service (DDoS) attacks. Written in the Golang programming language, the botnet derives its name…
T-Mobile Reaches Settlement Over Data Breaches Amounting to $31.5 Million In a recent development, T-Mobile USA has agreed to a settlement of $31.5 million connected to allegations of multiple data breaches that compromised the personal information of millions of customers.…
Google has announced a series of security updates to address a critical vulnerability in its Chrome browser, identified as CVE-2024-7971. This vulnerability involves a type confusion flaw affecting the V8 JavaScript and WebAssembly engine and has reportedly been actively exploited…
