New Android Vulnerability Exploited by Malicious Apps Cybersecurity researchers have identified a significant unpatched vulnerability in the Android operating system, known as Strandhogg. This flaw is being exploited by numerous harmful mobile applications to unlawfully acquire users’ banking credentials and monitor their activities. The Strandhogg vulnerability resides within the Android…
Recent findings from Bitdefender Labs reveal that the hacking group FamousSparrow, believed to be linked to China, executed a targeted attack against an Azerbaijani energy company utilizing ProxyNotShell, Deed RAT, and Terndoor malware across three distinct waves. According to a newly published report by Bitdefender Labs, a series of coordinated…
New Vulnerabilities Discovered in GoAhead Web Server Software Cybersecurity experts from Cisco Talos have identified two significant vulnerabilities within the GoAhead web server software, a lightweight application commonly integrated into hundreds of millions of Internet-connected smart devices. This discovery raises serious concerns for organizations relying on these technologies. The first…
A recently uncovered zero-day exploit, known as YellowKey, poses a significant risk to Windows 11 systems. This exploit enables individuals with physical access to bypass the standard BitLocker encryption, allowing them to access secured drives within mere seconds. BitLocker is crucial for protecting sensitive information on enterprise machines, as it…
Each year, countless smartphones fall victim to theft. Among them, a significant number are iPhones that are illegally shipped to various regions, particularly China, where they are dismantled for parts. However, there exists a lucrative market in which these stolen devices can be unlocked and reset, offering criminals a chance…
OpenBSD, a celebrated open-source operating system designed with a focus on security, has recently been identified as vulnerable to four critical security flaws. Among these, one particularly notable vulnerability is an authentication bypass issue within the BSD Auth framework. The remaining three vulnerabilities are related to privilege escalation, potentially enabling…
Organizations across Japan and the Asia-Pacific region are facing a surge of cyberattacks attributed to a group known as Twill Typhoon. These attacks, which began in late September 2025, have raised alerts among cybersecurity experts at Darktrace, who note that the attackers employ sophisticated tactics to masquerade as legitimate services,…
A research team specializing in cybersecurity has unveiled a new method for exploiting the Intel Software Guard Extensions (SGX), a crucial feature designed to secure sensitive data within modern Intel processors. Named Plundervolt and categorized as CVE-2019-11157, this attack leverages the ability to manipulate frequency and voltage settings of processors.…
Recently, critical vulnerabilities were identified in two prominent WordPress plugins: “Ultimate Addons for Beaver Builder” and “Ultimate Addons for Elementor.” These vulnerabilities pose significant risks for users who have not updated to the latest versions. Researchers have uncovered an authentication bypass vulnerability that allows attackers to gain administrative control of…