Skip to main content

CodeBreach

CodeBreach - Your trusted source for the latest news and updates on the constantly evolving world of cyber hacking, data breaches, and digital security. Stay informed and stay protected with CodeBreach.

Search This Blog

Showing posts with the label Vulnerability

Posts

Breaking Boundaries: Unveiling SLAM - The Covert Threat to Intel, AMD, and Arm CPUs

on December 09, 2023

Cyber Attack Cyber Security Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Breaking the Biometric Barrier: Unmasking Windows Hello Flaws on Dell, Lenovo, and Microsoft Laptops!

on November 23, 2023

Cyber Attack Cyber Security Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Unveiling Predator Android Spyware: The Insidious Data Thief Revealed!

on May 28, 2023

Cyber Attack Cyber Security Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Qakbot Evolves: Abusing OneNote for Malware Distribution

on March 11, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

MedusaLocker's New Attack: GlobeImposter 2.0 Ransomware Spreading Through RDP - Here's How to Protect Your Business

on March 09, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Exposed Redis Database Servers: The Rising Threat of Cryptojacking and How to Protect Your Business

on March 09, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

PyPI Repository Breach: Malicious Package Distributes Dangerous Colour-Blind RAT

on March 08, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

The Nevada Group's Cloud Server Attack: A Mysterious and Dangerous Threat to Organizations Worldwide

on February 28, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

The Dark Side of Social Media: How Attackers Exploit Platforms to Deliver S1deLoad Stealer

on February 28, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Experts Warn of Increasing Attacks Exploiting Zoho ManageEngine Products Vulnerabilities

on February 23, 2023

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Beep Malware Stuns Researchers with Super Evasive Techniques and Persistence on Infected Systems

on February 17, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Critical RCE Vulnerability in ClamAV Antivirus Software Poses Grave Risk to Linux and Unix-based Systems

on February 17, 2023

+

Get link
Facebook
X
Pinterest
Email
Other Apps

The Hangul Honeypot: APT37's Latest Exploits and the Highly-Evasive M2RAT Malware

on February 16, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Python Developers Beware: Malicious Clipper Malware Found in PyPI Packages

on February 14, 2023

Cyber Security Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Remcos RAT Strikes Again: Ukrainian Government Targeted in Cyber Attack, Warns CERT-UA

on February 12, 2023

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Urgent Alert: CISA Warns of Active Attacks Targeting Vulnerabilities in Fortra MFT, TerraMaster NAS, and Intel Driver

on February 11, 2023

Threat Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Medusa Botnet Undergoes Major Transformation

on February 09, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

QBot Spreads Through OneNote in QakNote Campaign, Infecting Victims

on February 09, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Quasar RAT Sneaks into Home Trading System, Threatening Data Security

on February 09, 2023

Malware Vulnerability

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Wireless IIoT Devices Vulnerabilities Put Critical Infrastructure at Risk

on February 09, 2023

+

Get link
Facebook
X
Pinterest
Email
Other Apps

Trending News

Unveiling the Cyber Underworld: Rhadamanthys and AsyncRAT - The Evolution of Stealthy Threats 🌐🔒 #Cybersecurity #MalwareMayhem

Recent reports from cybersecurity firm Check Point indicate that the developers behind the information-stealing malware, Rhadamanthys, are actively enhancing its features and expanding its capabilities through a plugin system. This evolution transforms it into a more customizable and potent threat. Rhadamanthys, initially documented in October 2022, operates under the malware-as-a-service (MaaS) model and has been sold by an actor known as "kingcrete2022." It is commonly distributed through malicious websites mimicking genuine software sites advertised through Google ads. Rhadamanthys Features and Evolution As of the latest update, version 0.5.2, Rhadamanthys exhibits a new plugin system, turning it into a versatile tool for specific distributor needs. This system allows customers to deploy additional tools tailored to their targets, making it more than just an information stealer. The malware's components are both active and passive, capable of o...

Code Hijack Alert: Over 15,000 Go Repositories on GitHub Vulnerable to Repojacking Threats!

New research has brought to light a significant security concern in over 15,000 Go module repositories on GitHub. These repositories are found to be vulnerable to an attack known as repojacking, a technique that enables bad actors to exploit GitHub username changes and deletions to stage open-source software supply chain attacks. Jacob Baines, Chief Technology Officer at VulnCheck, shared in a report that more than 9,000 repositories are susceptible to repojacking due to GitHub username changes, while over 6,000 repositories face the risk due to account deletions. Collectively, these repositories account for no less than 800,000 Go module versions. What is Repojacking? Repojacking, a portmanteau of "repository" and "hijacking," allows attackers to create a repository with the same name as a pre-existing one by taking advantage of account username changes and deletions. This poses a serious threat to the integrity of open-source software. Go...

PayPal Data Breach Puts Users' Personal Information at Risk - Change Passwords Now

PayPal has suffered a data breach, potentially compromising the personal information of its users. The company has not yet released details on the extent of the breach or the types of data that may have been exposed, but it has urged all users to change their passwords immediately. It is also recommended to users to also enable two-factor authentication for added security. PayPal has stated that it is cooperating with law enforcement to investigate the incident and will provide updates as more information becomes available.

The Silent Menace: Microsoft Reveals Adversaries Exploiting OAuth Applications for Cryptomining and Phishing Escapades!

Microsoft has issued a stark warning about the growing exploitation of OAuth applications by adversaries, who are now utilizing them as an automation tool to deploy virtual machines for cryptocurrency mining and launch sophisticated phishing attacks. The Microsoft Threat Intelligence team has analyzed these attacks, revealing a concerning trend where threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications. These applications then serve as a camouflage for malicious activities, allowing threat actors to hide their actions effectively. "The misuse of OAuth also enables threat actors to maintain access to applications even if they lose access to the initially compromised account." One notable adversary in these campaigns is identified as Storm-1283. This threat actor has been observed leveraging a compromised user account to create an OAuth application, subsequently deploying virtual machines for...

Breaking the Biometric Barrier: Unmasking Windows Hello Flaws on Dell, Lenovo, and Microsoft Laptops!

A recent study by Blackwing Intelligence has unveiled multiple vulnerabilities that could potentially allow attackers to bypass Windows Hello authentication on popular laptops, including Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X. Researchers at Blackwing Intelligence discovered these vulnerabilities in the fingerprint sensors developed by Goodix, Synaptics, and ELAN, integrated into the mentioned devices. These fingerprint sensors, known as "match on chip" (MoC), were found to have exploitable weaknesses, allowing malicious actors to compromise the biometric security systems. "While MoC prevents replaying stored fingerprint data to the host for matching, it does not, in itself, prevent a malicious sensor from spoofing a legitimate sensor's communication with the host and falsely claiming that an authorized user has successfully authenticated," explain researchers Jesse D'Aguanno and Timo Teräs. The vul...

Category

Cyber Attack59 Cyber Security49 Malware42 Vulnerability31 Ransomware20 Hacking15 Threat14 Data Breach12 Trojan9 Security5

BitCoin4 Gaming3 Phishing3 Android - Trojan2 Cryptocurrency2 Facebook Meta2 GitHub2 Malicious2 Scams2 Apple1 Emote Malware1 Exploit1 Firewall1 Microsoft1 Python1 WhatsApp1 Wordpress1

Show more Show less

Privacy

Powered by Blogger