Qualcomm Issues Security Advisory for High-Severity Flaws In recent developments, chipmaker Qualcomm has disclosed significant information regarding three critical security vulnerabilities that were reportedly exploited in targeted attacks as of October 2023. The company emphasized that these flaws were subjected to “limited, targeted exploitation,” raising alarms about their implications for…
Cybersecurity Agencies Warn of QSnatch Malware Threat Targeting QNAP Devices In a joint advisory issued by cybersecurity agencies in the United States and the United Kingdom, significant warnings have been raised regarding an ongoing malware threat known as QSnatch, which is affecting network-attached storage (NAS) devices produced by Taiwanese company…
Recent disclosures from US intelligence agencies reveal an alarming resurgence of a 12-year-old strain of malware, known as “Taidoor.” This variant is believed to be employed by state-sponsored actors from China, targeting a wide array of institutions, including government bodies, corporations, and think tanks. The malware, which has been active…
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has issued an alert regarding a sophisticated malware campaign attributed to North Korean hackers targeting government contracting firms. This new threat, identified as “BLINDINGCAN,” utilizes an advanced remote access Trojan designed to create a backdoor into compromised systems. The…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included six new security vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, citing clear indications of ongoing exploitation. This move emphasizes the necessity for organizations to remain vigilant and proactive in their cybersecurity measures. Among the newly flagged vulnerabilities is…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially included a critical vulnerability affecting Microsoft SharePoint Server in its Known Exploited Vulnerabilities (KEV) catalog, highlighting evidence of active exploitation within various environments. This vulnerability, identified as CVE-2023-29357, has garnered a significant CVSS score of 9.8, indicating its severity and…
A newly emerged AI image creation startup has come under fire for leaving its database exposed, resulting in the unauthorized access of over a million user-generated images and videos. Alarmingly, the majority of the leaked content includes explicit material, with some instances involving minors. This breach raises significant concerns regarding…
Recent investigations have surfaced an attempt to breach CrowdStrike, a prominent cybersecurity firm, within the backdrop of the ongoing espionage campaign associated with SolarWinds. The intrusion was reportedly thwarted, revealing critical insights into the current landscape of cybersecurity threats. On December 15, Microsoft’s Threat Intelligence Center flagged a third-party reseller’s…
A recent security incident involving an AI image creator startup has revealed alarming vulnerabilities, with an unsecured database exposing over a million user-generated images and videos. The majority of the compromised content consisted of explicit material, including sensitive and troubling depictions of minors. This breach raises significant concerns about user…
