Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks
Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code...
News
Mitigating Skeleton Key, a new type of generative AI jailbreak technique
In generative AI, jailbreaks, also known as direct prompt injection attacks, are malicious user inputs that attempt to circumvent an...
Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application
A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to...
Russian National Indicted for Cyber Attacks on Ukraine Before 2022 Invasion
A 22-year-old Russian national has been indicted in the U.S. for his alleged role in staging destructive cyber attacks against...
Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability – Patch ASAP!
A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly...
Fake Law Firms Con Victims of Crypto Scams, Warns FBI
Victims of cryptocurrency scams have lost nearly $10m over the past year to fraudsters claiming to be lawyers who can...
Novel Banking Malware Targets Customers in Southeast Asia
A novel malware strain is being used to target banking customers in Southeast Asia, leading to financial losses and fraud,...
Identity Crime Reports Drop 16% Annually but Job Scams Surge
Reports of identity compromise, theft and misuse in the US fell by 16% year-on-year (YoY) in 2023, but digital thieves...
Progress Discloses Two New Vulnerabilities in MOVEit Products
Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products.The first is an authentication bypass affecting the...
Cyber Attackers Turn to Cloud Services to Deploy Malware
Malware operators are turning to legitimate cloud services to conduct malicious campaigns, according to cybersecurity firm Fortinet.In a new report,...
Ongoing Medusa Campaign Targeting Android Device Users
There are reports of an ongoing Medusa malware campaign targeting Android device users. The Medusa banking trojan, first discovered in...
New MOVEit Transfer Vulnerability Under Active Exploitation – Patch ASAP!
A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly...
New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites
Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web...
Practical Guidance For Securing Your Software Supply Chain
The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their...
Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware
Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting...
Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping
Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones...
Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack
Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired...
New Medusa Android Trojan Targets Banking Users Across 7 Countries
Cybersecurity researchers have discovered an updated version of an Android banking trojan called Medusa that has been used to target...
Credential Stuffing Attack Hits 72,000 Levi’s Accounts
Tens of thousands of Levi’s customers may have had their accounts compromised after a credential stuffing attack, the clothing giant...
Suspected North Korean Attack Drains $2m from CoinStats Wallets
A popular cryptocurrency portfolio management specialist has revealed a major cyber-attack which impacted 1590 of its customers’ crypto wallets.CoinStats describes...
New Medusa Trojan Variant Emerges with Enhanced Stealth Features
New fraud campaigns have been discovered involving the Medusa (TangleBot) banking Trojan, which had evaded detection for nearly a year. An...
Cloud Breaches Impact Nearly Half of Organizations
Nearly half (44%) of organizations have experienced a cloud data breach, with 14% reporting having had an incident in the...
Google’s Naptime Framework to Boost Vulnerability Research with AI
Vulnerability researchers at Google’s Project Zero have introduced Naptime, a new framework that will be used to enable a large...
Dark Web Sees 230% Rise in Singapore Identity Theft
Security researchers have uncovered a significant increase in dark web activity involving stolen identity information from Singapore citizens. In an advisory...
