Covid Data of Indians Leaked
The National Health Authority has denied any COVID-related data leak from Co-WIN portal on the prima facie basis, saying the platform neither collects the address of people nor RT-PCR test…
CISA Adds 13 New Vulnerabilities to Known Exploited list
CISA released its latest update to the Known Exploited Vulnerabilities catalog, adding 13 new vulnerabilities. Nine of the vulnerabilities have a remediation date of February 1 and four of them have a remediation…
Ocean Lotus 🌸 Sophisticated Attack
The state-sponsored threat actor group known as OceanLotus is using the web archive file format to evade system detection while delivering backdoors for intrusion. A report claims that OceanLotus's campaign is actively…
MoleRats Abuses Public Cloud Infrastructure
An espionage campaign has been linked to the threat actor known as Molerats in the Middle east that abuses legitimate cloud services like Google Drive and Dropbox to host malware…
Posted inSecurity
F5 Patches Critical Vulnerabilities
F5 patches nearly 25 vulnerabilities affecting its BIG-IP, BIG-IQ, and NGINX products. Total of 23 security flaws were addressed in the BIG-IP application delivery controller (ADC), including 13 high-severity issues,…
WordPress Plugin Bug Exposes 20k Sites
Nearly 20,000 WordPress sites are vulnerable to malicious code injection, phishing scams as the result of a severe XSS bug discovered in the WordPress Email Template Designer WP HTML Mail.…
STRRAT Indulge in Phishing Campaign
A new phishing campaign using fake shipping delivery impersonating Maersk shipping lures installs the STRRAT remote access trojan on unsuspecting victim's devices. The macro code that runs fetches the STRRAT malware onto…