Attackers Exploit Swap File to Steal Credit Card Information
Researchers at Sucuri recently discovered that website swap files can be exploited to install a persistent credit card skimmer on Magento e-commerce platforms. Swap files, which store overflow data from [...]
Flaw in Cisco VPN routers enables remote code execution by attackers
Cisco disclosed a significant flaw in the upload module of RV340 and RV345 VPN routers, allowing remote, authenticated attackers to run arbitrary code. Tracked as CVE-2024-20416 with a CVSS score [...]
Watch out for fake browser updates installing malicious BOINC software.
Since July 4, 2024, SocGholish (FakeUpdates) has shown new behavior. The infection chain starts with a compromised website prompting a fake browser update. Downloading the update triggers malicious code that [...]
SonicOS IPSec VPN Vulnerability Allows Attackers to Cause DoS Condition
SonicWall has disclosed a critical heap-based buffer overflow vulnerability in SonicOS IPSec VPN, identified as CVE-2024-40764, which can allow remote attackers to cause a DoS condition. The vulnerability has a [...]
BadPack Malware for Android Infects APK Installers
New research reveals a novel approach to hiding malware in APK installers. Adversaries manipulate the file header to circumvent protection and make analysis much more difficult. The peak usage of [...]
FHN 
