Tuesday , April 1 2025

International

iPhones Hacked Via iOS Zero-Click Exploit To Deploy Spyware

Microsoft Threat Intelligence experts say a threat group is associated with “QuaDream,” an Israeli-based private sector offensive actor (PSOA). It employed a zero-click exploit called END OF DAYS to compromise the iPhones of high-risk individuals. Reports say QuaDream sells a platform called REIGN to governments for use in law enforcement. A collection …

Read More »

Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code

Sophos has released a new security advisory that has fixed 3 of its significant vulnerabilities, allowing threat actors to execute arbitrary code injection on Sophos Web Appliance (SWA). CVE(s): CVE-2023-1671 – Pre-Auth Command Injection CVE-2022-4934 – Post-Auth Command Injection CVE-2020-36692 – Reflected XSS via POST method CVE-2023-1671 – Pre-Auth Command Injection in Sophos …

Read More »

Pay $20K To Infect Android Devices Via Google Play Store – Darkweb Report

In recent times, it has been observed by the security researchers at Kaspersky’s SecureList that the official Google Play store’s security has become increasingly vulnerable to the schemes of the threat actors. These shady actors have exploited various loopholes to develop tools that can effectively Trojanize the existing Android applications, making them …

Read More »

Google: North Korea-Linked Hackers Target Subject Experts and Think Tanks

A North Korean government-backed hacking crew, tracked as ARCHIPELAGO, is targeting academics, government and military personnel, policymakers, researchers, and think tanks in South Korea and the U.S. According to Google researchers, it has launched cyberattacks against accounts belonging to individuals with expertise in North Korea policies such as sanctions, human rights, and …

Read More »