General Security News
-
Common Browser Security Vulnerabilities Used By Hackers To Take Over Browser
While using web browsers, there are security threats that, if not careful, can allow cybercriminals to take over the browser and steal...
-
Hackers Abuse GitHub Codespaces Feature to Host and Deliver Malware
Trend Micro researchers have recently demonstrated that malware and malicious scripts can be hosted and distributed within GitHub Codespaces by...
-
New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability
A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a...
-
New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks
A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious...
-
Android Users Beware: New Hook Malware with RAT Capabilities Emerges
The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new...
-
Over 4,000 Internet-facing Sophos Firewalls Vulnerable to Code Injection Attacks
The Sophos Firewall Webadmin and User Portal HTTP interfaces are vulnerable to unauthenticated and remote code execution, as stated in an alert...
-
GitLab Critical Security Flaw Let Attacker Execute Arbitrary Code
GitLab has released fixes for two security flaws in Git that are of critical severity and might allow attackers to remotely execute arbitrary code...
-
Mailchimp Suffers Another Security Breach Compromising Some Customers' Information
Popular email marketing and newsletter service Mailchimp has disclosed yet another security breach that enabled threat actors to access an internal...
-
Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa
An ongoing campaign dubbed Earth Bogle is leveraging geopolitical-themed lures to deliver the NjRAT remote access trojan to victims across the...
-
Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks
The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late...
-
Over 6000 Internet-Exposed Cacti Servers are Unpatched for Critical Security Vulnerability
A significant number of servers that use the Cacti software, and are connected to the internet, have not been updated to fix a security...
-
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out...