Ghostscript Rendering Platform Flaw Enables Remote Code Execution
A critical vulnerability, CVE-2024-29510, has been discovered in the Ghostscript rendering platform. This format string flaw affects versions up to 10.03.0, allowing attackers to bypass the -dSAFER sandbox and execute [...]
Info-Stealing Malware Posing as Accessibility Tools and Chrome Extensions
The first half of 2024 has witnessed a notable surge in info-stealing malware masquerading as AI tools and Chrome extensions. This trend underscores cybercriminals' growing sophistication and adaptability, leveraging emerging [...]
Orcinius Trojan Targets Users Through Dropbox & Google Docs
A new multi-stage trojan, "Orcinius," exploits Dropbox and Google Docs. It starts with an Excel spreadsheet containing a 'VBA stomping' macro. When executed, this macro hooks into Windows, enabling the [...]
ScreenConnect Remote Access Client Exploited by Hackers to Deploy AsyncRAT
eSentire’s Threat Response Unit (TRU) has uncovered a sophisticated campaign in which threat actors exploit the ScreenConnect remote access client to deliver the AsyncRAT trojan, revealing the evolving tactics of [...]
Hackers Exploit Twilio API to Verify MFA Phone Numbers
A vulnerability in an unauthenticated endpoint allowed threat actors to identify phone numbers associated with Authy accounts. The endpoint has since been secured to prevent unauthorized access. Although there is [...]
FHN 
