Category: Information Security
In the Python Package Index (PyPI) repository, counterfeit packages disseminating malicious software were detected. These packages, masquerading as popular Python libraries, garnered thousands of downloads globally, including in the United States and China. A...
Japanese motorcycle manufacturer Yamaha Motor and the American healthcare organization WellLife Network have confirmed cyberattacks on their networks following the publication of their data on a leak site operated by a hacker group utilizing...
Security researchers from Trend Micro have discovered that the Kinsing malware (also known as h2miner) is actively exploiting the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with cryptocurrency miners. This vulnerability,...
A critical remote code execution (RCE) vulnerability affecting Apache Submarine, a popular end-to-end machine learning (ML) platform, has been discovered and assigned the identifier CVE-2023-46302. This vulnerability, traced to a security flaw in snakeyaml...
The company Check Point has detected the deployment of a novel USB worm, known as “LitterDrifter,” in targeted attacks. This worm autonomously propagates malicious software through connected USB drives and communicates with the command...
In a worrying development for organizations still running Microsoft Exchange Server, over 63,000 servers remain vulnerable to a critical remote code execution (RCE) vulnerability, despite being patched by Microsoft in November 2023. This vulnerability,...
In the vast landscape of big data processing, Apache Hadoop stands as a colossus, powering the computational needs of countless enterprises worldwide. However, a recent discovery, CVE-2023-26031, has cast a shadow over its formidable...
In the intricate web of cybersecurity, a new menace has surfaced, posing a significant threat to thousands of businesses relying on the CrushFTP server suite. One such vulnerability, CVE-2023-43177, recently emerged in the popular...
The cybercriminal group ALPHV/BlackCat has innovated extortion methods by filing a complaint with the U.S. Securities and Exchange Commission (SEC) against MeridianLink. The hackers accused the company of failing to comply with the four-day...
Henry Schein, the world’s largest distributor of medical goods, has officially confirmed that the security incident that transpired last month culminated in a comprehensive data breach. In notifications to clients and suppliers dated November...
Microsoft has released a security update to address a critical vulnerability in the Azure CLI that could be exploited by attackers to recover plaintext passwords and usernames from log files created by the affected...
Specialists from the FBI and CISA have issued a joint warning regarding the intensification of a hacking collective known as Royal Ransomware. According to the agencies, since September 2022, the malefactors have targeted at...