A new cyber-espionage campaign has been uncovered. It involves Chinese state-sponsored hackers. These attackers used a backdoor named “MarsSnake.” The campaign targeted a major organization in Saudi Arabia. It lasted for several years. This attack shows the growing sophistication of state-backed hacking operations. Discovery and Attribution: Cybersecurity researchers discovered the …
Fileless Cryptojacking Campaign Exploits 1k+ PostgreSQL Servers
A recent large-scale cyberattack has compromised over 1,500 PostgreSQL servers in a sophisticated fileless cryptocurrency mining campaign. The attackers exploit weak security configurations to deploy cryptojacking malware, which hijacks computing resources to mine cryptocurrencies without the knowledge or consent of the server owners. This incident underscores the growing threat to …
Earth Alux: China-Linked APT Uses VARGEIT & COBEACON
Recent cybersecurity investigations have revealed a series of highly sophisticated cyber intrusions attributed to a threat actor group known as “Earth Alux.” This group, believed to be linked to China, has been engaging in prolonged and stealthy cyber-espionage operations, targeting organizations worldwide. Their use of advanced malware tools—VARGEIT and COBEACON—demonstrates …
ENISA Warns of Growing Cyber Risks in Space Security
As space technology becomes increasingly integral to modern infrastructure, the security threats targeting space-based assets are also on the rise. The European Union Agency for Cybersecurity (ENISA) has released a new report analyzing the evolving space threat landscape, highlighting the risks posed to satellites, space stations, and communication networks. This …
Chinese Cyber Espionage: 4-Year Undetected Telecom Breach
In today’s hyper-connected world, telecommunications providers are vital cogs in global communication networks. Their role in facilitating voice calls, data transfers, and internet connectivity makes them prime targets for cyber espionage. Recently, a major Asian telecom provider learned this the hard way when a sophisticated group of Chinese hackers successfully …
Gartner’s Top Cybersecurity Predictions for 2025
Cybersecurity is evolving rapidly. Organizations must stay ahead of threats. Gartner has identified key cybersecurity trends for 2025. These trends will shape security strategies worldwide. Companies must adapt to protect their data and systems. Cyber threats are growing more sophisticated. Attackers use advanced techniques to breach networks. Businesses need stronger …
Broadcom Patches Critical VMware Security Vulnerabilities
Broadcom has released critical security patches for VMware products. These patches address three zero-day vulnerabilities that hackers have actively exploited. The flaws affect VMware ESXi, Workstation, and Fusion. Organizations using these products must update immediately to avoid security risks. The Discovered Vulnerabilities: Broadcom identified and fixed three serious vulnerabilities: Active …
Understanding the TOTOLINK X18 Vulnerability
A critical vulnerability has been discovered in the TOTOLINK X18 router. The affected version is 9.1.0cu.2024_B20220329. This security flaw has been categorized as critical due to its potential impact. Attackers can exploit this flaw to execute malicious commands on the device. Routers are essential devices for internet connectivity. They manage …
Cisco Nexus 3000 and 9000 Series Vulnerability
Cisco Nexus 3000 and 9000 Series Switches are widely used in enterprise and data center environments. These switches run on Cisco’s NX-OS operating system, which is designed for high performance, flexibility, and scalability. However, a critical vulnerability has been identified in the software upgrade process of these switches when they …
Buffer Overflow Vulnerability in Tenda AC6 V15.03.05.16
The Tenda AC6 router, particularly firmware version V15.03.05.16, has been found to contain a buffer overflow vulnerability in the formexeCommand function. This security flaw arises when the function fails to properly validate input lengths, allowing an attacker to supply data that exceeds the buffer’s capacity. Consequently, this can lead to …