Aggregator

You must login to view this content

A sophisticated Trojan malware known as SparkKitty has been actively targeting iOS and Android devices since early 2024, infiltrating both official app stores and untrusted websites to steal images from users’ device galleries. This malware campaign, which appears to be an evolution of the previous SparkCat operation, poses significant threats to users primarily in Southeast […]

The post SparkKitty Malware Attacking iOS and Android Device Users to Steal Photos From Gallery appeared first on Cyber Security News.

A sophisticated new distribution method for XwormRAT malware that leverages steganography techniques to hide malicious code within legitimate files. This discovery highlights the evolving tactics of cybercriminals who are increasingly using advanced obfuscation methods to bypass security detection systems and deceive unsuspecting users. The latest XwormRAT campaign represents a significant evolution in malware distribution methodology, […]

The post XwormRAT Hackers Leverage Code Injection for Sophisticated Malware Deployment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A critical security vulnerability has been discovered in Citrix Windows Virtual Delivery Agent that allows local attackers to escalate privileges and gain SYSTEM-level access to affected systems.  The vulnerability, tracked as CVE-2025-6759, affects multiple versions of Citrix Virtual Apps and Desktops and Citrix DaaS platforms, posing significant risks to enterprise environments relying on these virtualization […]

The post Citrix Windows Virtual Delivery Agent Vulnerability Let Attackers Gain SYSTEM Privileges appeared first on Cyber Security News.

A critical security vulnerability has been discovered in FortiWeb web application firewalls that enables unauthenticated attackers to execute unauthorized SQL commands through specially crafted HTTP and HTTPS requests.  This vulnerability, classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), represents a significant threat to organizations relying on FortiWeb for web application […]

The post FortiWeb SQL Injection Vulnerability Allows Attacker to Execute Malicious SQL Code appeared first on Cyber Security News.