New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to...
News
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source...
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute...
Google Chrome Multiple Vulnerabilities
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
SUSE Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial...
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a...
CTEM in the Spotlight: How Gartner’s New Categories Help to Manage Exposures
Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations...
Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors
The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of...
Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot
Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information...
Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation
Google has revealed that a security flaw that was patched as part of a security update rolled out last week...
US-CERT Vulnerability Summary for the Week of August 19, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious...
Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.
The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply...
Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms
Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of...
Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration
Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and...
Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated...
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards
Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards...
Ubuntu Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in Ubuntu Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial...
New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on...
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to...
CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited...
Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian...
PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal...
New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal...
