UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has...
News
Critical Vulnerabilities in VMware vCenter Server
VMware has released security updates addressing critical vulnerabilities (CVE-2024-37079 and CVE-2024-37080) affecting their vCenter Server products. The vulnerabilities have a...
New Threat Actor ‘Void Arachne’ Targets Chinese Users with Malicious VPN Installers
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI)...
Warning: Markopolo’s Scam Targeting Crypto Users via Fake Meeting Software
A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital...
New Case Study: Unmanaged GTM Tags Become a Security Nightmare
Are your tags really safe with Google Tag Manager? If you've been thinking that using GTM means that your tracking...
Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors...
VMware Discloses Critical Vulnerabilities, Urges Immediate Remediation
VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, urging customers to immediately install updates...
Report Reveals Record Exploitation Rate For Load Balancers
Threat actors are increasingly targeting edge devices known as load balancers, according to new data from Action1 which revealed a...
92% of Organizations Hit by Credential Compromise from Social Engineering Attacks
More than nine in 10 (92%) organizations experienced an average of six credential compromises caused by email-based social engineering attacks...
Quarter of Firms Suffer an API-Related Breach
Digital transformation projects appear to be accelerating faster than organizations’ efforts to secure them, with nearly a quarter (23%) admitting they...
Signal Foundation Warns Against EU’s Plan to Scan Private Messages for CSAM
A controversial proposal put forth by the European Union to scan users' private messages for detection child sexual abuse material...
Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer
Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called...
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited...
New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering...
The Annual SaaS Security Report: 2025 CISO Plans and Priorities
Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part...
Singapore Police Extradites Malaysians Linked to Android Malware Fraud
The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a...
London Ransomware Attack Led to 1500 Cancelled Appointments and Operations
Over 800 planned operations and 700 outpatient appointments had to be rearranged in the first week after a critical ransomware...
Academics Develop Testing Benchmark for LLMs in Cyber Threat Intelligence
Large language models (LLMs) are increasingly used for cyber defense applications, although concerns about their reliability and accuracy remain a...
Los Angeles Public Health Department Discloses Large Data Breach
Los Angeles County Department of Public Health (DPH) has disclosed a data breach impacting more than 200,000 individuals.The data stolen...
Meta Pauses European GenAI Development Over Privacy Concerns
Meta has delayed plans to train its large language models (LLMs) using public content shared on Facebook and Instagram following...
China Attempted Covert Military Drone Tie-Up With UK University – Report
A new report has revealed apparently secretive attempts by a Chinese state-owned enterprise to access cutting-edge AI research at a...
US-CERT Vulnerability Summary for the Week of June 10, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models
ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious...
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in...
