A critical security vulnerability in Essential Addons for Elementor has been identified, potentially impacting over two million WordPress websites. The flaw, a reflected cross-site scripting (XSS) vulnerability, was discovered due to insufficient validation of the popup-selector query argument, allowing malicious scripts…
Feb 26, 2025Ravie LakshmananEnterprise Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on…
Global consumers encountered over one billion fraudulent calls in the final quarter of 2024, with a quarter of Brits and nearly a third (31%) of Americans exposed to deepfakes, according to Hiya. The voice intelligence specialist compiled its Q4 2024…
Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. “The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and…
A massive Chinese botnet is targeting Microsoft 365 accounts with large-scale password spraying attacks that can bypass multifactor authentication (MFA), according to SecurityScorecard. The botnet, which is made up of over 130,000 compromised devices, is systematically attempting to log into…
Feb 25, 2025Ravie LakshmananGaming / Threat Intelligence Cybersecurity researchers are calling attention to an ongoing campaign that’s targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been…
Ransomware actors are largely eschewing encryption, with at least 80% of attacks last year focusing solely on exfiltrating data, as it is quicker and easier, according to ReliaQuest. The threat intelligence vendor claimed in its Annual Cyber-Threat Report that exfiltration-only…
Feb 25, 2025Ravie LakshmananWindows Security / Vulnerability A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice’s product suite to sidestep detection efforts and deliver the Gh0st RAT malware. “To further evade detection, the attackers…
Cyber threat actors are no longer just targeting hospitals with ransomware, they’re now infiltrating the very software that patients use to manage their care, installing backdoors that put sensitive medical information at risk. In a new report, researchers at Forescout’s…
Feb 25, 2025Ravie LakshmananMalware / Cyber Espionage Opposition activists in Belarus as well as Ukrainian military and government organizations are the target of a new campaign that employs malware-laced Microsoft Excel documents as lures to deliver a new variant of…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
