As CapCut continues to grow in popularity as a short-form video editing app, cybercriminals are exploiting its name to carry out sophisticated phishing scams. Recently, the Cofense, a security software solutions company, identified a campaign wher attackers send convincing fake invoices that appear to be from CapCut to steal login and payment information. Cybersecurity researchers…

Continue Reading

Recent research by cybersecurity company Rapid7 has uncovered several serious security vulnerabilities affecting a wide range of Brother multifunction printers (MFPs) and other devices. These issues could potentially allow malicious actors to access sensitive information, take control of devices, or disrupt their operation. Over the past year, Rapid7 in collaboration with Brother and other vendors,…

Continue Reading

Resupply, a decentralized finance (DeFi) protocol, has confirmed an exploit in its wstUSR market. According to the project’s statement post on social media network X (formely Twitter), the affected smart contract has been identified and immediately paused. No other markets or protocol functions appear to have been impacted. Resupply has experienced an exploit in the…

Continue Reading

Hawaiian Airlines, a large commercial airlines, is actively responding to a cybersecurity incident that has impacted parts of its internal IT systems. Despite the disruption, the airline has confirmed that all flights are operating on schedule, and guest travel remains unaffected. The airline first disclosed the incident earlier today via official statements and social media,…

Continue Reading

Recent activity indicates a significant increase in scanning and exploitation attempts against Progress Software’s MOVEit Transfer platform, a widely used file-sharing solution used globally. Over the past three months, cybersecurity researchers have observed a sustained surge in malicious activity, suggesting that threat actors are actively probing for vulnerabilities in this widely used file-sharing solution. This…

Continue Reading

Recent security disclosures have highlighted serious vulnerabilities in two widely used enterprise networking solutions: Citrix’s NetScaler ADC and Cisco’s Identity Services Engine (ISE). These flaws pose significant risks, including potential system disruptions and unauthorized access, prompting urgent updates from both vendors. Critical Flaw in NetScaler ADC Citrix has released an advisory regarding a severe security…

Continue Reading

Recent security research has uncovered significant risks associated with misconfigured or overly privileged containers running in Amazon Elastic Kubernetes Service (EKS). These misconfigurations can expose sensitive AWS credentials, leading to potential privilege escalation, data breaches, and unauthorized access within cloud environments. Overprivileged Containers Kubernetes has become the backbone of modern cloud applications, enabling automation in…

Continue Reading