Chinese Hackers Exploit FortiClient Zero-Day with Custom Toolkit “DeepData”
Chinese threat actors, known as "BrazenBamboo," are exploiting a zero-day vulnerability in Fortinet's FortiClient Windows VPN client using a custom post-exploitation toolkit named "DeepData."
Bijay Pokharel,
November 19, 2024
1 min read
Critical WordPress Plugin Vulnerability Puts Millions of Websites at Risk
This vulnerability tracked as CVE-2024-10924, poses a significant risk. It enables attackers to bypass authentication and gain full administrative access to affected sites.
Bijay Pokharel,
November 18, 2024
2 min read
Ohio Man Sentenced to Three Years for Operating $300M Darknet Crypto Mixer
Larry Dean Harmon, 41, of Akron, Ohio, has been sentenced to three years in prison for running Helix, a darknet cryptocurrency mixer that facilitated over $300 million in Bitcoin transactions between 2014 and 2017.
Bijay Pokharel,
November 16, 2024
1 min read
NSO Group Exploited WhatsApp with New Spyware Tactics Despite Legal Challenges
Israeli surveillance firm NSO Group leveraged multiple zero-day vulnerabilities in WhatsApp, including a newly uncovered exploit called "Erised," to deploy its infamous Pegasus spyware.
Bijay Pokharel,
November 16, 2024
3 min read
Chinese Hackers Breach T-Mobile in Massive Espionage Operation
The hackers, associated with a group known as Salt Typhoon, infiltrated T-Mobile’s systems as part of a larger effort to monitor the communications of high-value intelligence targets.
Bijay Pokharel,
November 16, 2024
2 min read
Ilya Lichtenstein Sentenced to Five Years for Role in Massive Bitfinex Bitcoin Theft
Ilya Lichtenstein was sentenced to five years in prison for his role in laundering approximately 120,000 bitcoins stolen from Bitfinex, a leading cryptocurrency exchange.
Bijay Pokharel,
November 15, 2024
1 min read
Dual Citizen Daren Li Pleads Guilty to Cryptocurrency Investment Scam Money Laundering
Daren Li pleads guilty to laundering $73M from cryptocurrency scams, using shell companies and global bank accounts. Sentencing set for March 3, 2025.
Bijay Pokharel,
November 13, 2024
2 min read
Halliburton Ransomware Attack Leads to $35 Million in Losses Amid Ongoing Data Breach Fallout
Halliburton has disclosed that a ransomware attack in August resulted in $35 million in losses after it forced the company to shut down parts of its IT systems and disconnect client systems.
Bijay Pokharel,
November 12, 2024
1 min read
Massive Data Breach Reported for Hot Topic, Box Lunch, and Torrid Customers
Have I Been Pwned (HIBP) has alerted nearly 57 million customers of Hot Topic, Box Lunch, and Torrid about a data breach that exposed sensitive personal information.
Bijay Pokharel,
November 12, 2024
2 min read
Amazon Employee Data Exposed in Vendor Breach Linked to MOVEit Vulnerability
Amazon has confirmed a data breach that exposed its employees’ work email addresses, phone numbers, and office locations due to a security incident involving one of its property management vendors, as first reported by 404 Media.
Bijay Pokharel,
November 12, 2024
1 min read
Major Data Leak Exposes Personal Information of Over 200,000 Tech Job Seekers
A recent data breach has exposed the personal information of more than 200,000 job seekers in the tech sector, revealing sensitive records such as names, phone numbers, email addresses, passport numbers, and visa statuses.
Bijay Pokharel,
November 11, 2024
1 min read
Washington State Court Systems Hit by Cyber Incident, Causing Widespread Outages
Court systems across Washington state have been offline since Sunday following the detection of "unauthorized activity" on judicial networks.
Bijay Pokharel,
November 7, 2024
1 min read
Google Patches Two Actively Exploited Zero-Day Vulnerabilities in Android
In its November 2024 security update, Google has addressed 51 Android vulnerabilities, including two actively exploited zero-day flaws, CVE-2024-43047 and CVE-2024-43093.
Bijay Pokharel,
November 6, 2024
1 min read
Interpol’s Operation Synergia II Dismantles Major Cybercrime Network, Arresting 41 Suspects
Interpol has announced the successful takedown of a large-scale cybercrime operation, arresting 41 individuals and dismantling over 1,037 servers involved in cybercriminal activities across 22,000 IP addresses.
Bijay Pokharel,
November 6, 2024
1 min read
Nokia Investigates Possible Source Code Breach Linked to Third-Party Vendor
Nokia is investigating claims that its source code may have been stolen after a hacker, known as IntelBroker, alleged they obtained the data by breaching a third-party vendor’s server.
Bijay Pokharel,
November 5, 2024
1 min read
AI-Driven Cyber Attacks Top Risk for Enterprises, Says Report
According to a new report, artificial intelligence (AI)- driven malicious attacks were the top emerging cyber-security risk for enterprises in the third quarter of 2024.
Bijay Pokharel,
November 4, 2024
2 min read
Los Angeles Housing Authority Hit by Cactus Ransomware Attack, Sensitive Data at Risk
The Housing Authority of the City of Los Angeles (HACLA) has confirmed a cyberattack on its IT network following claims from the Cactus ransomware gang.
Bijay Pokharel,
November 2, 2024
1 min read
Okta Login Bug Bypassed Password Checks for Long Usernames
Okta published a surprising update to its security advisories disclosing a critical vulnerability that potentially allowed unauthorized logins.
Bijay Pokharel,
November 2, 2024
1 min read
LiteSpeed Cache Fixes Major Security Flaw Allowing Privilege Escalation on WordPress Sites
LiteSpeed Cache, a widely used WordPress plugin with over six million active installs, has patched a critical vulnerability in its latest update that could have allowed unauthenticated visitors to gain administrative access.
Bijay Pokharel,
November 1, 2024
2 min read
Microsoft Alerts on China-Based Quad7 Botnet Targeting SOHO Routers for Credential Theft
Microsoft has issued a warning about a Chinese-operated botnet known as Quad7, or CovertNetwork-1658, which is actively targeting small office and home office (SOHO) routers to steal credentials through password-spray attacks.
Bijay Pokharel,
November 1, 2024
2 min read





