Trojanized Game Installers Spread Crypto Miners in StaryDobry

Cybercriminals are increasingly exploiting the gaming community to distribute malware, and the latest example is the StaryDobry attack—a large-scale campaign that uses trojanized game installers to deploy a stealthy cryptocurrency miner. This attack primarily targets gamers looking for free versions of popular games, infecting their systems while covertly mining cryptocurrency …

New Snake Keylogger Variant Leverages AutoIt Scripting

A new variant of the Snake Keylogger has surfaced in recent cyber threats, employing AutoIt scripting to bypass security detection mechanisms. Snake Keylogger, a notorious information-stealing malware, has been active for several years, primarily targeting Windows users to steal credentials, keystrokes, and clipboard data. This new variant highlights the evolving …

Russian Hackers Exploit ‘Device Code Phishing’

In a recent cybersecurity alert, Microsoft has identified a novel phishing technique employed by Russian-linked hackers, designated as Storm-2372, to compromise user accounts. This method, termed ‘device code phishing,’ has been active since mid-2024 and primarily targets Microsoft 365 accounts across various sectors, including government agencies, non-governmental organizations (NGOs), defense, …

Understanding the Type Confusion Vulnerability in Lexmark

What is Type Confusion? A type confusion vulnerability occurs when a program incorrectly treats a piece of data as a different type than intended. This can lead to memory corruption, allowing an attacker to manipulate the execution flow of a program, potentially leading to arbitrary code execution (ACE). Where is …

Critical SQL Injection Vulnerability in Phpgurukul LRS v1.0

This vulnerability description refers to an SQL Injection (SQLi) flaw in the Phpgurukul Land Record System v1.0, specifically in the forgot-password.php script within the admin panel. Here’s a breakdown of the issue: Understanding the Vulnerability Possible Exploit Example If the vulnerable code looks something like this: An attacker could send …

Buffer Overflow Vulnerability in Tenda AC6 V15.03.05.16

The Tenda AC6 router, particularly firmware version V15.03.05.16, has been identified to contain a buffer overflow vulnerability in the formexeCommand function. This security flaw arises when the function fails to properly validate input lengths, allowing an attacker to input data that exceeds the buffer’s capacity. Consequently, this can lead to …

FINALDRAFT Malware Exploits Microsoft Graph API

Cybersecurity researchers have identified a new strain of malware, dubbed FINALDRAFT, that exploits the Microsoft Graph API to conduct espionage operations on both Windows and Linux systems. This advanced threat has raised concerns due to its stealthy command-and-control (C2) communication methods and its ability to infiltrate multiple platforms. Overview of …

NVIDIA Container Toolkit for Linux contains a TOCTOU vulnerability

In the world of high-performance computing, artificial intelligence, and GPU-accelerated workloads, NVIDIA’s Container Toolkit has become a cornerstone for developers leveraging GPU capabilities within containerized environments. It allows Docker and other container runtimes to seamlessly utilize NVIDIA GPUs for executing complex computations. However, a recent security disclosure has revealed a …

Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200

Apple has released an emergency security update to address a critical zero-day vulnerability, CVE-2025-24200, that has been actively exploited in the wild. The flaw affects iPhones, iPads, and macOS devices, prompting Apple to push out immediate fixes to protect users from potential cyber threats. Overview of CVE-2025-24200 The CVE-2025-24200 vulnerability …

Zimbra Releases Security Updates for SQL Injection

Zimbra has released urgent security updates for its collaboration suite. The updates address critical SQL injection vulnerabilities. These flaws could allow attackers to gain unauthorized access to email systems. Security researchers discovered the vulnerabilities last month. The patches are now available for all supported versions of the platform. Cybersecurity experts …