Citrix has issued crucial security updates addressing a significant vulnerability that affects NetScaler Console and NetScaler Agent, potentially leading to privilege escalation under specific conditions. As highlighted by Citrix, this flaw, identified as CVE-2024-12284, has been awarded a CVSS v4 score of 8.8 out of 10, marking it as a…
A recent cybersecurity campaign has exploited ostensibly harmless Android dropper apps available on the Google Play Store to infiltrate users’ devices with banking malware. Dubbed DawDropper by security analysts at Trend Micro, this malicious operation involved 17 dropper applications masquerading as productivity and utility tools, including document scanners, VPN services,…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Researchers Uncover Covert Chinese Access to US Service Provider Infrastructure Chris Riotta (@chrisriotta) • September 24, 2025 Image: Visut Chaivithooanukul/Shutterstock In a significant cybersecurity revelation, researchers have elucidated a long-running Chinese-linked cyberespionage campaign that infiltrated U.S. infrastructure and various enterprise service providers…
Increase in DNA Collection Raises Privacy Concerns In recent years, there has been a significant expansion in DNA collection efforts managed by the Department of Homeland Security (DHS). This escalation can be traced back to a notable rule change by the Justice Department in April 2020, which revoked a decades-old…
Recent cybersecurity revelations highlight the activities of North Korean threat actors, specifically within the context of the ongoing Contagious Interview campaign. This campaign has introduced a new JavaScript malware identified as OtterCookie, further escalating the threat landscape. Known as Contagious Interview (alternatively termed DeceptiveDevelopment), this persistent attack strategy employs social…
CISA Reports Breach Linked to GeoServer Vulnerability A recent security incident has come to light involving a breach at a federal agency, attributed to a vulnerability in GeoServer, a popular open-source server used for sharing geospatial data. The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed this attack, raising significant…
New Cyber Threat Campaign Targets European Healthcare Sector with Advanced Ransomware Techniques A newly identified threat actor has launched a campaign aimed at European organizations, particularly within the healthcare industry. This operation, dubbed “Green Nailao” by Orange Cyberdefense CERT, utilizes the PlugX and ShadowPad malware, with the final stage involving…
A newly emerging service known as Dark Utilities has gained popularity among cybercriminals, with approximately 3,000 users drawn to its capability to provide command-and-control (C2) services aimed at seizing control of compromised systems. This platform has positioned itself as a “C2-as-a-Service” (C2aaS), marketed for tasks including remote access, command execution,…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Attackers Conceal Malware Within Vector Image Rashmi Ramesh (rashmiramesh_) • September 24, 2025 Image: Shutterstock Recent findings indicate that hackers have utilized artificial intelligence-generated code to embed malware in a sophisticated phishing campaign, according to insights from Microsoft. This malware…
