In the widely utilized WordPress plugin LayerSlider, which is employed on over a million websites to craft responsive sliders, image galleries, and animations, a critical vulnerability was recently identified that enables SQL injection without...
The banking trojan Mispadu, previously known for its attacks on Latin America and Spanish-speaking users, is now targeting residents of Italy, Poland, and Sweden. According to research by Morphisec, the campaign’s targets include representatives...
Google has remedied a critical vulnerability in the Chrome browser, identified during the Pwn2Own 2024 competition in Vancouver. The vulnerability, CVE-2024-3159, stems from an out-of-bounds read error in the JavaScript V8 engine, potentially allowing...
Jackson County, a Missouri jurisdiction home to over 715,000 residents, fell victim to a ransomware attack that disrupted its tax payment system and online services, including property registration, marriage license issuance, and inmate searches....
A recent comprehensive study conducted by specialists at Check Point has illuminated the shadowy underbelly of cyberspace, uncovering the operations and identities of malefactors wielding the malicious software Agent Tesla. Agent Tesla is an...
Binarly, a company specializing in software security, has developed a complimentary online scanner for identifying Linux files vulnerable to a supply chain attack targeting the XZ Utils utilities, designated as CVE-2024-3094. CVE-2024-3094 constitutes a...
The popular online shopping platform PandaBuy, specializing in the delivery of clothing, footwear, and other goods from China, recently experienced a significant data breach affecting approximately 1.3 million customers. Responsibility for the system intrusion...
A cybercriminal group known as TA558 has orchestrated a vast phishing campaign aimed at a wide array of industries across Latin America, with the intent of disseminating the malicious software Venom RAT. The primary...
On March 30th, the American telecommunications giant AT&T officially confirmed a data breach affecting approximately 73 million current and former customers. This revelation followed shortly after the hacker MajorNelson posted on BreachForums a database...
Cybersecurity specialists have unearthed a new variant of the Android Trojan, code-named Vultur, endowed with sophisticated remote control capabilities and mechanisms for circumventing protection. The company ThreatFabric reported the first version of this malicious...
Security researcher Notselwyn has discovered a new vulnerability in Linux that allows for root access acquisition. This flaw affects Linux kernel versions from 5.14 to 6.6.14. The vulnerability, identified as CVE-2024-1086 with a CVSS...
In the popular compression utility xz, widely utilized across most Linux distributions, a hidden backdoor has been discovered. This malicious code, embedded within the utility’s package, poses a critical threat to the supply chain,...
Players of the multiplayer online shooter Call of Duty recently encountered malicious hacking activity aimed at stealing players’ credentials. Malefactors, employing specialized malicious software, are filching passwords for gaming accounts and cryptocurrency wallets. The...
In a recent software update for Continuous Integration and Delivery (CI/CD) TeamCity by JetBrains, 26 security issues were addressed. Yet, the company chose not to disclose any details about the identified vulnerabilities, sparking heated...
Cisco has published guidelines for its clients on safeguarding against password brute-force attacks targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. The company describes the recently detected malicious activity as...
Specialists at Kaspersky Lab have identified a Linux version of the multi-platform backdoor DinodasRAT (XDealer), targeting China, Taiwan, Turkey, and Uzbekistan. This Remote Access Trojan, crafted in C++, is adept at extracting a broad...
