GitHub goes passwordless, announces passkeys beta preview
GitHub announced today the introduction of passwordless authentication support in public beta, allowing users to upgrade from security keys to...
cybersecurity
Critical RCE found in popular Ghostscript open-source PDF library
Image: Bing Create Ghostscript, an open-source interpreter for PostScript language and PDF files widely used in Linux, has been found...
SonicWall warns admins to patch critical auth bypass bugs immediately
SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company's Global Management System (GMS) firewall management and...
New PyLoose Linux malware mines crypto directly from memory
A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining....
Microsoft: Unpatched Office zero-day exploited in NATO summit attacks
Microsoft disclosed today an unpatched zero-day security bug in multiple Windows and Office products exploited in the wild to gain...
Hackers exploit Windows policy to load malicious kernel drivers
Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers...
Deutsche Bank confirms provider breach exposed customer data
Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its...
HCA confirms breach after hacker steals data of 11 million patients
HCA Healthcare disclosed a data breach impacting an estimated 11 million patients who received care at one of its hospitals...
Apple confirms WebKit security updates break browsing on some sites
Apple confirmed today that emergency security updates released on Monday to address a zero-day bug exploited in attacks also break browsing on...
Streamlining security operations with automated incident response
The rise in the number and complexity of cyber threats has made quick response to security incidents vital for organizations....
Former employee charged for attacking water treatment plant
A former employee of Discovery Bay Water Treatment Facility in California was indicted by a federal grand jury for intentionally...
Razer investigates data breach claims, resets user sessions
Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting...
VMware warns of exploit available for critical vRealize RCE bug
VMware warned customers today that exploit code is now available for a critical vulnerability in the VMware Aria Operations for...
RomCom hackers target NATO Summit attendees in phishing attacks
A threat actor referred to as 'RomCom' has been targeting organizations supporting Ukraine and guests of the upcoming NATO Summit...
Charming Kitten hackers use new ‘NokNok’ malware for macOS
Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that...
New ‘Big Head’ ransomware displays fake Windows update alert
Security researchers have dissected a recently emerged ransomware strain named ‘Big Head’ that may be spreading through malvertising that promotes fake Windows...
The Need for Risk-Based Vulnerability Management to Combat Threats
Cyber attacks are increasing as the number of vulnerabilities found in software has increased by over 50% in the last...
Critical TootRoot bug lets attackers hijack Mastodon servers
Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers...
CISA warns govt agencies to patch actively exploited Android driver
CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of...
MOVEit Transfer customers warned to patch new critical flaw
MOVEit Transfer, the software at the center of the recent massive spree of Clop ransomware breaches, has received an update...
Barracuda working on fix for ongoing Email Gateway login issues
Image: Bing Image Creator Email and network security firm Barracuda is working to fix an ongoing issue that triggers invalid...
300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug
Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after...
Google Analytics data transfer to U.S. brings $1 million fine to Swedish firms
The Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten – IMY) has fined two companies with 12.3 million SEK (€1 million/$1.1 million)...
Hackers target European government entities in SmugX campaign
A phishing campaign that security researchers named SmugX and attributed to a Chinese threat actor has been targeting embassies and...
