Category: Vulnerabilities

AndroxGh0st Malware Aims at Laravel Applications to Harvest Cloud Credentials

Cybersecurity experts have unveiled details about a malicious tool known as AndroxGh0st, which has been specifically designed to target Laravel applications in order to extract sensitive information. According to Kashinath T. Pattan, a researcher with Juniper Threat Labs, this tool operates by scanning for critical data within .env files, which…


Major Sign1 Campaign Compromises Over 39,000 WordPress Sites with Scam Redirects

Significant Malware Campaign Targets WordPress Sites

A recent and extensive malware campaign known as Sign1 has compromised over 39,000 WordPress sites over the past six months. The malware employs malicious JavaScript injections, maneuvering to redirect users to fraudulent websites. Notably, within the last two months, this campaign has infected an…


China-Linked Group Exploits ConnectWise and F5 Software Vulnerabilities to Breach Networks

A threat group linked to China has exploited vulnerabilities in ConnectWise ScreenConnect and F5 BIG-IP software, deploying customized malware capable of installing additional backdoors on compromised Linux systems. This aggressive campaign is being tracked by Mandiant, a Google subsidiary, which refers to the activity by the identifier UNC5174, also known…


AWS Addresses Critical ‘FlowFixation’ Vulnerability in Airflow Service to Prevent Session Hijacking

Cybersecurity experts have recently disclosed a significant, now-resolved vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could have enabled attackers to hijack user sessions and execute remote code on affected instances. This vulnerability, coined FlowFixation by the cybersecurity firm Tenable, poses alarming implications for AWS…


New “GoFetch” Vulnerability in Apple M-Series Chips Exposes Sensitive Encryption Keys

A significant security vulnerability has been identified in Apple’s M-series chips, enabling potential attackers to extract cryptographic keys integral to secure data operations. Known as GoFetch, this flaw relates to a microarchitectural side-channel attack that exploits the data memory-dependent prefetcher (DMP), specifically targeting constant-time cryptography implementations to covertly access sensitive…


CISA Warns of Ongoing Exploitation of Vulnerabilities in Fortinet, Ivanti, and Nice Solutions

On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) catalog with three critical security flaws, highlighting their active exploitation in the wild. The vulnerabilities now included are CVE-2023-48788, CVE-2021-44529, and CVE-2019-7256, which pose significant risks to users of affected systems. Among these, CVE-2023-48788,…


Two Chinese APT Groups Intensify Cyber Espionage Efforts Targeting ASEAN Nations

In a recent escalation of cyber espionage efforts, two advanced persistent threat (APT) groups linked to China have intensified their targeting of organizations affiliated with the Association of Southeast Asian Nations (ASEAN) over the past three months. This campaign highlights the region’s growing significance in global geopolitical dynamics. Among the…


Warning: New Phishing Scheme Disguises Keylogger as Bank Payment Notification

A recently identified phishing campaign is employing a sophisticated new loader malware, which serves to deliver the information-stealer and keylogger known as Agent Tesla. Trustwave SpiderLabs reported that on March 8, 2024, they encountered a phishing email featuring this malware, disguised as a bank payment notification that entices recipients to…
