NPAV Logo

Shopping Cart My Cart 0
₹0.00
Currency
INR
Currency
INR

fp6a

  1. CISA Advisory: Hackers Breach U.S. Federal Agency Network via GeoServer RCE (CVE-2024-36401) in 3-Week Undetected Attack

    CISA Advisory: Hackers Breach U.S. Federal Agency Network via GeoServer RCE (CVE-2024-36401) in 3-Week Undetected Attack

    Posted: September 24, 2025
    Categories: Data Breach, Hacker
    Tags: fp6a, fp-6b, fp-5b, fp-5a, fp-1b
    Author: Npav Lab
    Views: 8
    CISA details threat actors exploiting CVE-2024-36401 in GeoServer for initial access to a U.S. federal network on July 11, 2024, using webshells, dirtycow escalation, and lateral movement—undetected until July 31. Key lessons: Immediate KEV patching, enhanced IR plans, and continuous EDR monitoring.
    Read more
  2. Hackers Bypass Microsoft Defender to Deploy Akira Ransomware

    Hackers Bypass Microsoft Defender to Deploy Akira Ransomware

    Posted: August 11, 2025
    Categories: Ransomware, Hacker, Microsoft
    Tags: fp6a, fp-6b, fp-4a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 42
    Hackers exploit a legitimate driver to bypass Microsoft Defender and install Akira ransomware. Learn how this vulnerability works and how to protect your PC.
    Read more
Categories
Recent Posts
Infographic map of 2026 FIFA World Cup venues in Canada, Mexico, and USA, showing 16 stadiums with cyber threat icons (ransomware locks, hacktivist masks) overlaying ticketing/streaming systems; arrows to collaboration nodes for security teams, and shield
2026 FIFA World Cup: Escalating Cyber Threats Demand Cross-Border Security for Largest Tournament Yet
September 29, 2025
Infographic of Nimbus Manticore attack chain: spear-phishing email to fake job portal, DLL side-loading via Setup.exe and Windows Defender, MiniJunk/MiniBrowse payloads with C2 servers, targeting icons for defense/telecom in Europe, and evasion tactics li
Nimbus Manticore: Iranian APT Targets European Defense and Telecom with MiniJunk Backdoor and DLL Side-Loading Attacks
September 29, 2025
Infographic illustrating Dynamic DNS abuse: icons of subdomain rentals leading to C2 servers, threat actor groups (APT28, APT29, APT10) with arrows to obfuscated networks, 70,000 domains counter, and defensive barriers like monitoring tools and domain blo
Threat Actors Exploit Dynamic DNS Providers for Resilient C2 Infrastructure: APT28, APT29, and More
September 29, 2025
Illustration showing the Digital Personal Data Protection (DPDP) Act shield protecting sensitive employee data.
DPDP Act: Employee Data Privacy is India's New Compliance Test
September 29, 2025
Diagram showing postmark-mcp npm package with hidden BCC line sending emails to attacker server giftshop.club, AI assistant icon granting full email/database access, Koi risk engine detecting anomaly, and warning signs for compromised organizations.
Malicious Postmark-MCP Server Steals Emails via Hidden BCC in AI-Powered Workflows
September 29, 2025
Back to Top