Tag JavaScript

Kurdish Websites Targeted in Watering Hole Attack Distributing Malicious APKs and Spyware

In a recent cybersecurity incident, approximately 25 websites associated with the Kurdish minority have fallen victim to a sophisticated watering hole attack designed to collect sensitive information over an extended period of time, reportedly lasting more than 18 months. French cybersecurity firm Sekoia disclosed the details of the campaign, labeled…

Read MoreKurdish Websites Targeted in Watering Hole Attack Distributing Malicious APKs and Spyware

Cybercriminals Employ Unicode to Conceal Mongolian Skimmer in Online Retail Sites

New Cyber Threat: Mongolian Skimmer Campaign Revealed Cybersecurity experts have recently uncovered a sophisticated digital skimmer campaign utilizing Unicode obfuscation techniques to deploy a skimmer known as “Mongolian Skimmer.” Researchers from Jscrambler noted that the obfuscated nature of the script raises eyebrows due to the extensive use of accented characters,…

Read MoreCybercriminals Employ Unicode to Conceal Mongolian Skimmer in Online Retail Sites

Vulnerabilities in Roundcube Webmail Enable Cybercriminals to Access Emails and Passwords

Cybersecurity Flaws Discovered in Roundcube Webmail Could Lead to Data Theft Recent analysis by cybersecurity experts has unveiled critical vulnerabilities within the Roundcube webmail software, which could be manipulated by attackers to run malicious JavaScript in a user’s web browser, potentially exposing sensitive information stored in their email accounts. The…

Read MoreVulnerabilities in Roundcube Webmail Enable Cybercriminals to Access Emails and Passwords

GootLoader Malware Remains Active, Unleashes Updated Versions for More Effective Attacks

The GootLoader malware continues to pose significant risks as cybercriminals exploit it to deploy new payloads onto infected systems. This malware has seen active use by threat actors aiming to target various organizations, particularly in legal and professional sectors, as reported by the cybersecurity firm Cybereason. Recent analysis from Cybereason…

Read MoreGootLoader Malware Remains Active, Unleashes Updated Versions for More Effective Attacks

Google Alerts Users to Active Exploitation of Chrome Security Vulnerability CVE-2024-7965

Google Chrome Security Flaw Actively Exploited in the Wild Google recently disclosed that a significant security vulnerability patched in a software update to its Chrome browser has been identified as actively exploited in the wild. This flaw, designated CVE-2024-7965, was encapsulated within the V8 JavaScript and WebAssembly engine and was…

Read MoreGoogle Alerts Users to Active Exploitation of Chrome Security Vulnerability CVE-2024-7965

DarkGate Malware Targets Samba File Shares in Brief Surge Attack

Cybersecurity Experts Uncover DarkGate Malware Campaign Targeting Samba File Shares In a recent investigation, cybersecurity analysts have unveiled a brief yet impactful campaign associated with DarkGate malware, which exploited Samba file sharing services as a vector for infection. Researchers from Palo Alto Networks’ Unit 42 indicated that the campaign occurred…

Read MoreDarkGate Malware Targets Samba File Shares in Brief Surge Attack

Russian Hackers Target Safari and Chrome Vulnerabilities in Major Cyberattack

Multiple Exploit Campaigns Target Apple Safari and Google Chrome Users Recent analysis by cybersecurity experts has revealed that nation-state actors have leveraged previously patched vulnerabilities in Apple Safari and Google Chrome to distribute information-stealing malware to mobile users. The campaigns, which took place between November 2023 and July 2024, specifically…

Read MoreRussian Hackers Target Safari and Chrome Vulnerabilities in Major Cyberattack