New Security Flaws Discovered in Citrix Virtual Apps and Desktop Leading to Remote Code Execution Risks Cybersecurity researchers have identified critical vulnerabilities in Citrix Virtual Apps and Desktop that expose users to potential remote code execution (RCE) attacks. These flaws, uncovered by the team at watchTowr, revolve around the Session…
On November 12, 2024, Microsoft disclosed that two significant security vulnerabilities affecting Windows NT LAN Manager (NTLM) and Task Scheduler have been actively exploited in the wild. These vulnerabilities were part of the November Patch Tuesday update, which addressed a total of 90 security flaws across Microsoft products. Among the…
A newly discovered security vulnerability in Windows NT LAN Manager (NTLM) has been exploited in a zero-day attack, with suspected ties to Russian threat actors targeting Ukraine. This vulnerability, designated as CVE-2024-43451 and rated with a CVSS score of 6.5, allows attackers to possibly expose a user’s NTLMv2 hash. Microsoft…
A new hacking group reportedly aligned with Iranian national interests has been observed executing a password spraying campaign aimed at defense technology companies in the U.S., European Union, and Israel. This campaign has also extended to regional ports of entry in the Persian Gulf and maritime companies operating in the…
A significant security breach has come to light, involving the exposure of 183 million email accounts along with their corresponding passwords. This data, reportedly stemming from a malware-driven theft, has been added to the renowned breach-notification platform, Have I Been Pwned, run by cybersecurity expert Troy Hunt. Following its discovery…
Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Malware Captures Billions of Credentials Mathew J. Schwartz (euroinfosec) • October 24, 2025 Image: Shutterstock Credential theft via infostealers has escalated to alarming levels, as cybercriminals continuously adapt to enhanced security measures. By infiltrating corporate systems with malware that captures session…
The Medusa ransomware group has publicly disclosed 186.36 GB of compressed data, which they allege was stolen from Comcast Corporation, a prominent global media and technology entity based in the United States. As highlighted in an earlier report by Hackread.com, the group claimed to have infiltrated Comcast in late September…
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has highlighted the urgent need for government agencies to address known cyber vulnerabilities. In a recent announcement, the agency published a comprehensive catalog containing vulnerabilities identified from major tech companies including Apple, Cisco, Microsoft, and Google. These vulnerabilities are…
Identity & Access Management, Security Operations Microsoft Warns of Hackers Shifting Focus to Identity Compromises Akshaya Asokan (asokan_akshaya) • October 22, 2025 Image: Shutterstock In its annual cybersecurity report, Microsoft has alerted businesses about a significant increase in identity-based attacks, emphasizing that hackers are now more likely to “log in”…
