New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to…
Zimbabwe Trains Government Officials in Cybersecurity Skills
African nation’s proactive approach to cybersecurity comes amid a rise in painful cyberattacks including the breach of a major bank.…
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source…
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute…
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
The exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.…
77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months
Post Content Read More
Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
The attack is a mashup of QR codes and phishing that gets users to click on links to malicious Web…
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a…
Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors
The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of…
China’s Volt Typhoon Exploits 0-day in Versa’s SD-WAN Director Servers
So far, the threat actor has compromised at least five organizations using CVE-2024-39717; CISA has added bug to its Known…
