US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
News
New PaperCut RCE exploit created that bypasses existing detections
A new proof-of-concept (PoC) exploit for an actively exploited PaperCut vulnerability was released that bypasses all known detection rules. The PaperCut...
Twitter says ‘security incident’ exposed private Circle tweets
Twitter disclosed that a 'security incident' caused private tweets sent to Twitter Circles to show publicly to users outside of...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its...
Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Installs Compromised
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack...
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a...
New Android updates fix kernel bug exploited in spyware attacks
Android security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised...
WordPress custom field plugin bug exposes over 1M sites to XSS attacks
Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are...
New Android FluHorse malware steals your passwords, 2FA codes
A new Android malware called 'FluHorse' has been discovered, targeting users in Eastern Asia with malicious apps that imitate legitimate...
The Week in Ransomware – May 5th 2023 – Targeting the public sector
This week's ransomware news has been dominated by a Royal ransomware attack on the City of Dallas that took down...
ALPHV gang claims ransomware attack on Constellation Software
Canadian diversified software company Constellation Software confirmed on Thursday that some of its systems were breached by threat actors who...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New Android Malware ‘FluHorse’ Targeting East Asian Markets with Deceptive Tactics
Various sectors in East Asian markets have been subjected to a new email phishing campaign that distributes a previously undocumented...
Lack of Visibility: The Challenge of Protecting Websites from Third-Party Scripts
Third-party apps such as Google Analytics, Meta Pixel, HotJar, and JQuery have become critical tools for businesses to optimize their...
Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN
Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject...
N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks
The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as...
Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack...
Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by...
Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads
A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads...
How To Create Seamless Digital Experiences For Web And Mobile
Before the online market picked up, companies and small retailers always prioritized the customer experience in their stores. The more...
Ransomware gang hijacks university alert system to issue threats
The Avos ransomware gang hijacked Bluefield University's emergency broadcast system, "RamAlert," to send students and staff SMS texts and email...
Kimsuky hackers use new recon tool to find security gaps
The North Korean Kimsuky hacking group has been observed employing a new version of its reconnaissance malware, now called 'ReconShark,'...
Get 50% off Malwarebytes Premium + Privacy in this limited-time deal
If you are concerned about the security and privacy of your online activities, this new 50% off Malwarebytes deal can bring you...
