General Security News
-
Apache Ivy Injection Flaw Let Attackers Exfiltrate Sensitive Data
A blind XPath injection vulnerability was discovered in Apache Software Foundation Apache Ivy, which allows threat actors to exfiltrate data and...
-
Over a Dozen Malicious npm Packages Target Roblox Game Developers
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy...
-
CISOs Tout SaaS Cybersecurity Confidence, But 79% Admit to SaaS Incidents, New Report Finds
A new State of SaaS Security Posture Management Report from SaaS cybersecurity provider AppOmni indicates that Cybersecurity, IT, and business...
-
Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates
A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong...
-
DotRunpeX Malware Injector Widely Delivers Known Malware Families to Attack Windows
DotRunpeX is one of the new and stealthiest .NET injectors that employs the “Process Hollowing” method, through which this malware distributes a...
-
Interpol Arrested 14 cybercriminals and uncovered 20,674 suspicious cyber networks
The recent Africa Cyber Surge II operation conducted by INTERPOL and AFRIPOL has revealed a stark reality – the surge in digital insecurity and...
-
3,000+ Android Malware Using Unique Compression Methods to Avoid Detection
Android Smartphones play a vital role in our daily lives, as they help us stay connected and, not only that, they also help in performing several...
-
New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App
A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office...
-
Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software
Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is...
-
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited...
-
Cyber Criminals Exploiting Google Drive, OneDrive to Hide Malicious Traffic
Threat actors are actively modifying their TTPs to counter the advanced security mechanisms and tools to accomplish their illicit goals for...
-
Cuba Ransomware Armed with New Weapons to Attack U.S Infrastructure
The Cuba ransomware seems to be gaining more pace with each passing year, and this ransomware has been operating and active since 2019. Until now,...