A recently identified vulnerability in GitHub Actions artifacts, referred to as ArtiPACKED, poses significant risks to repository security and organizational cloud operations. This attack vector could allow malicious entities to gain unauthorized control over repositories and infiltrate cloud environments associated with these repositories. The vulnerability results from a mix of…
SolarWinds has issued patches to mitigate a severe security vulnerability in its Web Help Desk software that could allow attackers to execute arbitrary code on affected systems. The vulnerability, identified as CVE-2024-28986 with a CVSS score of 9.8, is characterized as a deserialization issue. The company, in its advisory, indicated…
In a significant law enforcement initiative dubbed Operation MORPHEUS, approximately 600 servers utilized by cybercriminal syndicates were dismantled, disrupting a critical component of the infrastructure linked to the Cobalt Strike tool. This crackdown, coordinated by Europol, particularly targeted unlicensed and outdated versions of the Cobalt Strike framework between June 24…
Cybersecurity Experts Uncover DarkGate Malware Campaign Targeting Samba File Shares In a recent investigation, cybersecurity analysts have unveiled a brief yet impactful campaign associated with DarkGate malware, which exploited Samba file sharing services as a vector for infection. Researchers from Palo Alto Networks’ Unit 42 indicated that the campaign occurred…
The RansomHub ransomware group has emerged as a significant cyber threat, with reports indicating it has successfully compromised and encrypted data from over 210 victims since its formation in February 2024, according to U.S. government sources. The attackers are linked to an operation that has selected targets across a wide…
The U.S. Federal Bureau of Investigation (FBI) has successfully disrupted the online infrastructure supporting the emerging ransomware group known as Radar Announced on Monday, this operation led to the dismantling of multiple servers across several countries, including three in the United States, three in the United Kingdom, and eighteen in…
Microsoft Addresses Critical Vulnerabilities in September 2024 Patch Tuesday Update On Tuesday, September 10, 2024, Microsoft announced the identification of three significant security vulnerabilities affecting the Windows operating system, which are now under active exploitation. This disclosure was part of the company’s monthly Patch Tuesday update, highlighting the urgent need…
