Visa has issued a warning about the increased activity of a new version of the malicious software JsOutProx, targeting financial institutions and their clients. The campaign has affected institutions in South and Southeast Asia,...
Specialists from Proofpoint and Team Cymru have uncovered a novel malware dubbed Latrodectus, considered an evolution of the well-known IcedID loader, which has been actively deployed in phishing campaigns since November 2023. Initially identified...
The team behind the FixedFloat project has disclosed details of a second security breach of their platform, orchestrated by the same cybercriminals responsible for the February attack. On April 1st, malefactors exploited a vulnerability...
A new vulnerability in the HTTP/2 protocol could be exploited to execute Denial of Service (DoS) attacks. This discovery, dubbed “HTTP/2 CONTINUATION Flood,” was made by cybersecurity researcher Bartek Nowotarski, who reported the issue...
In the widely utilized WordPress plugin LayerSlider, which is employed on over a million websites to craft responsive sliders, image galleries, and animations, a critical vulnerability was recently identified that enables SQL injection without...
The banking trojan Mispadu, previously known for its attacks on Latin America and Spanish-speaking users, is now targeting residents of Italy, Poland, and Sweden. According to research by Morphisec, the campaign’s targets include representatives...
Google has remedied a critical vulnerability in the Chrome browser, identified during the Pwn2Own 2024 competition in Vancouver. The vulnerability, CVE-2024-3159, stems from an out-of-bounds read error in the JavaScript V8 engine, potentially allowing...
Google has addressed two critical zero-day vulnerabilities in its Pixel smartphones, which allowed forensic firms to unlock user phones without a PIN code and access stored data. The Pixel Security Bulletin for April 2024...
Jackson County, a Missouri jurisdiction home to over 715,000 residents, fell victim to a ransomware attack that disrupted its tax payment system and online services, including property registration, marriage license issuance, and inmate searches....
A recent comprehensive study conducted by specialists at Check Point has illuminated the shadowy underbelly of cyberspace, uncovering the operations and identities of malefactors wielding the malicious software Agent Tesla. Agent Tesla is an...
Binarly, a company specializing in software security, has developed a complimentary online scanner for identifying Linux files vulnerable to a supply chain attack targeting the XZ Utils utilities, designated as CVE-2024-3094. CVE-2024-3094 constitutes a...
The popular online shopping platform PandaBuy, specializing in the delivery of clothing, footwear, and other goods from China, recently experienced a significant data breach affecting approximately 1.3 million customers. Responsibility for the system intrusion...
A cybercriminal group known as TA558 has orchestrated a vast phishing campaign aimed at a wide array of industries across Latin America, with the intent of disseminating the malicious software Venom RAT. The primary...
On March 30th, the American telecommunications giant AT&T officially confirmed a data breach affecting approximately 73 million current and former customers. This revelation followed shortly after the hacker MajorNelson posted on BreachForums a database...
Cybersecurity specialists have unearthed a new variant of the Android Trojan, code-named Vultur, endowed with sophisticated remote control capabilities and mechanisms for circumventing protection. The company ThreatFabric reported the first version of this malicious...
Security researcher Notselwyn has discovered a new vulnerability in Linux that allows for root access acquisition. This flaw affects Linux kernel versions from 5.14 to 6.6.14. The vulnerability, identified as CVE-2024-1086 with a CVSS...
