Apple Patched Two New Zero-days Exploited
Apple has recently taken swift action to patch two zero-day vulnerabilities that posed a potential threat of exploitation in cyberattacks.
The vulnerabilities have been successfully...
Newly Discovered
Apr 11, 2023Ravie LakshmananCloud Security / Data Security
A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to...
Sophos Web Appliance Flaw Let Attacker Execute Arbitrary Code
Sophos has released a new security advisory that has fixed 3 of its significant vulnerabilities, allowing threat actors to execute arbitrary code injection on...
Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security
Apr 11, 2023Ravie LakshmananMobile Security / Malware
Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up...
CISA Urges to Fix Backup Exec Bug
A new ALPHV (aka BlackCat Ransomware) has been found and tracked under the ID UNC4466. This ransomware affiliate uses Veritas Backup Exec Installations, which...
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Apr 11, 2023Ravie LakshmananSoftware Security / Cryptocurrency
Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13...
Tesla Employees Shared Images of Cameras on Customers‘ Cars
Reuters reported that between 2019 and 2022, groups of Tesla employees secretly shared via internal messaging system occasionally highly intrusive recordings and photographs captured...
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Apr 10, 2023Ravie LakshmananWeb Security / Malware
Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy...
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
Apr 10, 2023Ravie LakshmananSoftware Security / JavaScript
Threat actors are flooding the npm open source package repository with bogus packages that briefly even resulted...
Estonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military
Apr 10, 2023Ravie LakshmananHacking Tool / Cyber Threat
An Estonian national has been charged in the U.S. for purchasing U.S.-made electronics on behalf of...