The Apache Software Foundation (ASF) has announced a critical security update for its Tomcat server software, addressing a significant vulnerability that could lead to remote code execution (RCE) under specific conditions. This update highlights vulnerabilities identified as CVE-2024-56337 and CVE-2024-50379, the latter of which has a CVSS score of 9.8,…
A persistent threat actor, suspected to have ties to an Indian cybersecurity firm, has been actively attacking military organizations in South Asia since at least September 2020. The targeted nations include Bangladesh, Nepal, and Sri Lanka, with various iterations of their specialized malware framework used in each assault. According to…
Recent reports reveal a concerning new attack method, identified as “Pixnapping,” that exposes vulnerabilities in Android devices, enabling attackers to surreptitiously acquire crucial information such as two-factor authentication codes, location data, and other sensitive details within a mere 30 seconds. The Pixnapping attack originates from a malicious app that must…
A new variant of the well-known DJVU ransomware is being distributed through cracked software, raising fresh concerns within the cybersecurity community. This particular variant appends the .xaro extension to files, prompting affected users to pay a ransom for decryption capabilities. According to Cybereason security researcher Ralph Villanueva, the behavior is…
Video Insights from Jumio’s Joe Kaufmann on the Evolving Role of Chief Privacy Officers Brian Pereira (creed_digital) • October 14, 2025 Joe Kaufmann, Chief Privacy and Data Protection Officer, Jumio Data privacy has transitioned significantly from its origins in safeguarding state secrets and intellectual property to a more dynamic role…
Home » AIRLINE NEWS » Recent Data Breaches at Vietnam Airlines and Qantas Raise Alarm on Aviation Cybersecurity Published on October 14, 2025 The airline industry is witnessing an alarming rise in data breaches, with recent incidents involving **Vietnam Airlines** and **Qantas Airways** revealing severe vulnerabilities within the sector. Both…
On December 23, 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical vulnerability affecting Acclaim Systems USAHERDS to its Known Exploited Vulnerabilities (KEV) catalog. This addition follows verifiable evidence that the flaw has been actively exploited. The vulnerability, identified as CVE-2021-44207, has a CVSS…
A recent coordinated operation by law enforcement officials has led to the apprehension of 11 alleged members of a Nigerian cybercrime syndicate involved in numerous business email compromise (BEC) attacks. This group’s activities have reportedly targeted over 50,000 victims globally in recent years. The crackdown, termed Operation Falcon II, stemmed…
New Android Vulnerability Exposes User Data to Attackers Recent research has unveiled a serious vulnerability affecting Android devices, enabling the covert theft of sensitive information, including two-factor authentication codes and user location histories, all within a mere 30 seconds. This attack, termed “Pixnapping,” was developed by a team of academic…
