Exim Vulnerability Allows Remote Crash via Crafted DNS Responses

The flaws enable an unauthenticated attacker to crash Exim servers remotely by sending specially crafted DNS responses, leading to denial of service.

The Latest

Breaking News and Alerts

Fake CAPTCHA Pages Used in Multi Stage Credential Theft Attack

The attack relies on social engineering to trick users into copying and running a malicious PowerShell payload disguised as a browser verification step.

Spotlight

Cybersecurity Profiles and Stories

New Linux Malware Abuses Microsoft Graph API for Covert Operations in South Asia

GoGra uses OAuth tokens to blend into normal Office 365 traffic, making detection difficult for signature based security tools.

Persistent Backdoor Compromises Cisco Firepower Appliances at a Federal Agency

FIRESTARTER backdoor embeds itself in the firmware of Cisco Firepower appliances, allowing it to survive OS reinstalls and standard security patches.

EtherRAT Campaign Exploits Fake GitHub Repos to Distribute Malware Disguised as Admin Tools

The EtherRAT trojan is being distributed through fraudulent GitHub repositories that convincingly mimic legitimate system administration tools to trick IT professionals into downloading the malware.

Severe cPanel Authentication Bypass Found Exploited in Web Hosting Environments

Exploitation attempts have already been detected in the wild, prompting an urgent call for server administrators to apply security patches immediately.

Features

Research and Thought Leadership