Alerts List
AL2025_09 Microsoft Warns of ViewState Code Injection Attacks Exploiting Exposed ASP.NET Keys (11th February 2025)
Description Microsoft has issued a warning regarding the misuse of exposed ASP.NET machine keys in ViewState code injection attacks. These attacks lev . . . Read more

Date Publish: Feb 11th 25
AL2025_08 Netgear warns users to patch critical WiFi router vulnerabilities (11th February 2025)
Description Netgear has identified and patched two critical vulnerabilities affecting multiple WiFi router models, including WiFi 6 access points (WAX . . . Read more

Date Publish: Feb 11th 25
AL2025_07 Critical Cisco ISE Vulnerabilities Allow Attackers to Execute Commands as Root (11th February 2025)
Description Cisco has released patches for two critical vulnerabilities in its Identity Services Engine (ISE) security policy management platform. The . . . Read more

Date Publish: Feb 11th 25
AL2025_06 Chinese cyberspies use new SSH backdoor in network device hacks (7th February 2025)
Description A newly identified attack campaign by the Chinese cyber-espionage group Evasive Panda (DaggerFly) involves the hijacking of the SSH daemon . . . Read more

Date Publish: Feb 7th 25
AL2025_05 New Process Hollowing Attack Vectors Uncovered in Windows 11 (24H2) (03rd February 2025) 
Description  Process Hollowing is a code injection technique commonly employed by malware to evade detection. It involves creating a legitimate proces . . . Read more

Date Publish: Feb 3rd 25
AL2025_04 Microsoft Advertisers Account Hacked Using Malicious Google Ads (03rd February 2025) 
Description  A phishing campaign has been identified, targeting Microsoft advertisers through malicious Google Ads. Attackers are leveraging sponsored . . . Read more

Date Publish: Feb 3rd 25
AL2025_03 Time Bandit ChatGPT Jailbreak: A New AI Vulnerability Bypasses Safeguards (30th January 2025) 
Description  A newly discovered ChatGPT jailbreak, dubbed Time Bandit, enables users to bypass OpenAI’s safety measures and gain access to restr . . . Read more

Date Publish: Jan 30th 25
AL2024_43 New Rockstar 2FA Phishing Service Targets Microsoft 365 Accounts (4th December 2024)
Description Rockstar 2FA is a new phishing-as-a-service (PhaaS) platform facilitating adversary-in-the-middle (AiTM) attacks to compromise Microsoft 3 . . . Read more

Date Publish: Dec 4th 24
AL2024_42 BootKitty UEFI Malware Exploits LogoFAIL to Infect Linux Systems (3rd December 2024)
Description BootKitty is a newly identified UEFI (Unified Extensible Firmware Interface) bootkit targeting Linux systems, exploiting a firmware vulner . . . Read more

Date Publish: Dec 3rd 24
AL2024_41 Hackers Exploit Godot Game Engine to Deploy GodLoader Malware (29th November 2024)
Description Cybercriminals have leveraged the popular open-source Godot game engine to distribute malware through a new tool called GodLoader. This ma . . . Read more

Date Publish: Nov 29th 24
AL2024_40 GhostSpider Malware Analysis (29th November 2024)
Description GhostSpider is a sophisticated backdoor malware employed by the Salt Typhoon hacking group, also known as Earth Estries or UNC2286. This g . . . Read more

Date Publish: Nov 29th 24
AL2024_39 Over 2,000 Palo Alto Firewalls Compromised Using Recently Patched Zero-Day Vulnerabilities (29th No
Description Hackers have exploited two recently patched zero-day vulnerabilities in Palo Alto Networks PAN-OS software, compromising over 2,000 firewa . . . Read more

Date Publish: Nov 29th 24