In the popular compression utility xz, widely utilized across most Linux distributions, a hidden backdoor has been discovered. This malicious code, embedded within the utility’s package, poses a critical threat to the supply chain,...
Players of the multiplayer online shooter Call of Duty recently encountered malicious hacking activity aimed at stealing players’ credentials. Malefactors, employing specialized malicious software, are filching passwords for gaming accounts and cryptocurrency wallets. The...
In a recent software update for Continuous Integration and Delivery (CI/CD) TeamCity by JetBrains, 26 security issues were addressed. Yet, the company chose not to disclose any details about the identified vulnerabilities, sparking heated...
Cisco has published guidelines for its clients on safeguarding against password brute-force attacks targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. The company describes the recently detected malicious activity as...
Specialists at Kaspersky Lab have identified a Linux version of the multi-platform backdoor DinodasRAT (XDealer), targeting China, Taiwan, Turkey, and Uzbekistan. This Remote Access Trojan, crafted in C++, is adept at extracting a broad...
A significant vulnerability has been discovered in the Linux operating system, allowing unprivileged attackers the potential to purloin passwords or alter the clipboard contents of their victims. This issue pertains to the wall command...
This month, the NHS Dumfries & Galloway, a division of the National Health Service of Great Britain servicing the Dumfries and Galloway region in Scotland, encountered a severe cyberattack for which the ransomware group...
In a recent report by Google’s cyber experts, it was revealed that the exploitation of zero-day vulnerabilities surged by 50% in 2023, reaching a total of 97 incidents, up from 62 in the previous...
CyberArk specialists report that malefactors are mastering new methodologies to access users’ data without the necessity for passwords or multifactor authentication requests. A prevalent technique involves intercepting web sessions through the theft of cookie...
The Cybersecurity and Infrastructure Security Agency (CISA) has expressed concern over the active exploitation of a vulnerability within the Microsoft SharePoint system, which allows malefactors to launch attacks via remote code execution (RCE). The...
Netcraft has unveiled the emergence of a new phishing service named Darcula, which manipulates over 20,000 domains to mimic popular brands, aiming to pilfer Android and iPhone users’ credentials across more than 100 countries....
Specialists at ReversingLabs have uncovered a suspicious package within the NuGet package manager, ostensibly targeting developers who utilize tools from the Chinese company Bozhon Precision Industry Technology, which specializes in the production of industrial...
Apple users have encountered a cunning phishing scheme that exploits a vulnerability in the password reset function. Victims find their devices bombarded with such an overwhelming number of system notifications that the smartphone becomes...
Black Lotus Labs has identified a new variant of the TheMoon malware, targeting SOHO offices and IoT devices across 88 countries, which has already infected nearly 7,000 ASUS routers. TheMoon is associated with the...
Twenty-eight free VPN applications on Google Play were found to employ a malicious SDK, transforming Android devices into residential proxies, likely utilized for cybercrimes and bot operations. The team at HUMAN discovered that these...
On March 25th, the United Kingdom and the United States formally accused China of cyberattacks on democratic institutions, linking Chinese intelligence services to incidents at the Electoral Commission in 2021 and attempting to hack...
