Firsthackersnews

06/01/2025

A critical vulnerability has been found in the UpdraftPlus: WP Backup & Migration Plugin, affecting over 3 million WordPress sites.

Read more : https://firsthackersnews.com/wordpress-plugin-flaw/

A critical vulnerability has been found in the UpdraftPlus: WP Backup & Migration Plugin, affecting over 3 million WordPress sites.

03/01/2025

ASUS warns of critical router flaws (CVE-2024-12912, CVE-2024-13062) allowing arbitrary command ex*****on. Users are urged to update their devices immediately.

Read more :

ASUS warns of critical router flaws (CVE-2024-12912, CVE-2024-13062) allowing arbitrary command ex*****on. Users are urged to update.

31/12/2024

Researchers observed increased activity from the "FICORA" and "CAPSAICIN" variants, which exploit vulnerabilities in outdated D-Link routers like DIR-645, DIR-806, GO-RT-AC750, and DIR-845L.

Read more :

Researchers observed increased activity from the "FICORA" and "CAPSAICIN" variants, which exploit vulnerabilities in outdated D-Link routers.

29/10/2024

Recent cyberattacks by Akira and Fog threat actors have targeted various industries by exploiting CVE-2024-40766 in SonicWall VPN.

Read more :

Recent cyberattacks by Akira and Fog threat actors have targeted various industries by exploiting CVE-2024-40766 in SonicWall VPN.

29/10/2024

WrnRAT is a new malware that cybercriminals deploy by disguising it as popular gambling games like Badugi, Go-Stop, and Hold'em.

Read more :

WrnRAT is a new malware that cybercriminals deploy by disguising it as popular gambling games like Badugi, Go-Stop, and Hold'em.

28/10/2024

Multiple vulnerabilities in the Realtek SD card reader driver, RtsPer.sys, affect laptops from major brands like Dell and Lenovo.

Read more :

Multiple vulnerabilities in the Realtek SD card reader driver, RtsPer.sys, affect laptops from major brands like Dell and Lenovo.

28/10/2024

WhatsUp Gold, a popular network monitoring tool, has a critical vulnerability in versions before 2024.0.0, exposing organizations to potential cyber attacks and unauthorized data access.

Read more :

WhatsUp Gold has a critical vulnerability in versions before 2024.0.0, risking cyber attacks and data breaches.

25/10/2024

Cisco issued a critical advisory for a vulnerability in its Adaptive Security Appliance (ASA) Software that could let remote attackers execute commands with root privileges.

Read more :

Cisco's CVE-2024-20329 advisory warns that ASA Software lets remote attackers execute root commands on CiscoSSH-enabled devices.

25/10/2024

Stored XSS vulnerability in Roundcube Webmail is exploited in attacks on ex-USSR government agencies.

Read more :

Stored XSS in Roundcube Webmail was used in attacks on ex-USSR government agencies, with unknown perpetrators.

22/10/2024

Phishing attacks trick individuals into revealing sensitive info by impersonating trusted entities, often through urgent emails with malicious links or attachments.

Read more about it :

Trustwave analysts recently warned of Callback Phishing attacks using Google Groups to steal login details.

22/10/2024

Kaspersky reports nearly 10 million personal and corporate devices were compromised by data-stealing malware in 2023, a 643% rise in three years.

Read more :

Kaspersky reports nearly 10 million personal and corporate devices were compromised by data-stealing malware in 2023.

21/10/2024

Bumblebee malware has reemerged, threatening corporate networks globally, following its first sighting since Europol’s May 2024 Operation Endgame.

Read more :

Bumblebee malware has reemerged, threatening corporate networks globally, following its first sighting since Europol’s May 2024.

15/10/2024

The ErrorFather campaign, a new variant of the Cerberus banking trojan, emerged in September 2024.

Read more :

15 10, 2024 ErrorFather hackers remotely attack and control Android devices Gallery ErrorFather hackers remotely attack and control Android devices Android malware, Internet Security, malicious cyber actors, Malware, Mobile Security, Security Advisory, Security Update ErrorFather hackers remotely at...

13/10/2024

Infostealer malware, like the recently identified PureLogs, poses significant risks due to its low cost and ease of use, making it accessible to even low-level hackers.

Read more :

Infostealer malware like PureLogs is risky due to its low cost and ease of use, attracting even novice hackers.

13/10/2024

Hackers exploit a zero-day vulnerability (CVE-2024-43047) in Qualcomm chipsets, risking millions of Android users globally.

Read more :

Hackers exploit a zero-day vulnerability (CVE-2024-43047) in Qualcomm chipsets, risking millions of Android users globally.

04/10/2024

Perfctl, a stealthy malware, is targeting millions of Linux servers, exploiting over 20,000 misconfigurations, according to Aqua Nautilus researchers.

Read more about it :

Perfctl, a stealthy malware, is targeting millions of Linux servers, exploiting over 20,000 misconfigurations, according to Aqua Nautilus.

04/10/2024

A PoC exploit for the Microsoft Office vulnerability CVE-2024-38200 has been released, allowing attackers to capture NTLMv2 hashes.

Rea more :

A PoC exploit for the Microsoft Office vulnerability CVE-2024-38200 has been released, allowing attackers to capture NTLMv2 hashes.

04/10/2024

Google released a Chrome update fixing critical vulnerabilities that could allow arbitrary code ex*****on.

Read more : https://firsthackersnews.com/chrome-vulnerabilities/