Security experts have recently disclosed a high-severity vulnerability in Kubernetes that, under certain conditions, could allow an attacker to remotely execute code with elevated privileges. “The vulnerability allows remote code execution with SYSTEM privileges on...
Trend Micro has unveiled novel cyberattack methodologies employed by the RedCurl group, which manipulates a legitimate Windows component to execute malevolent commands. The Program Compatibility Assistant (PCA), designed to address compatibility issues with older...
The cybercriminal collective known as Blind Eagle has intensified its attacks on Spanish-speaking users, particularly those employed in the manufacturing sector of North America. To disseminate malware, the hackers have adopted a novel type...
Fortinet has released an update to rectify a critical vulnerability in the FortiClient Enterprise Management Server (EMS) software, which allowed attackers to remotely execute code on susceptible servers. FortiClient EMS provides administrators with tools...
In Canada, a verdict was rendered against one of the administrators of the notorious LockBit group, which specializes in the dissemination of ransomware. 34-year-old Mikhail Vasiliev, holding citizenships in Canada and Russia, pleaded guilty...
According to a recent article by 404 Media, U.S. Senator Ron Wyden has accused two of the largest manufacturers of commercial safe locks, SECURAM and Sargent and Greenleaf (S&G), of embedding backdoor codes in...
In mid-January, security researchers identified a significant campaign distributing the malicious software DarkGate, exploiting a recently patched Microsoft Windows security vulnerability in a zero-day fashion, that is, before its correction. According to Trend Micro,...
IBM has unveiled details about the Trojan program PixPirate, which targets Android users in Brazil, circumventing security systems on infected devices and pilfering financial information. PixPirate employs a cunning strategy that allows it to...
Authorities in Leicester, a city in Leicestershire, Britain, have reported a serious cyber incident that necessitated the temporary shutdown of the city’s operational systems and critical telephone lines. The disruption to services was first...
Fortinet’s FortiGuard Labs has unearthed a grave cyber threat dubbed Vcurms RAT, crafted by malefactors who employ email as a command-and-control center and utilize public services such as AWS and GitHub for harboring malicious...
A new threat, codenamed GhostRace (CVE-2024-2193), has been identified by research teams from the Vrije Universiteit Amsterdam and IBM Research Europe. This vulnerability compromises the foundational security tools of operating systems and may result...
Recently, the Python Package Index (PyPI) repository uncovered seven packages engineered for the theft of BIP39 mnemonic phrases, which are utilized for the restoration of private keys in cryptocurrency wallets. This operation, dubbed BIPClip...
The team behind GrapheneOS, which is dedicated to developing a secure iteration of the Android Open Source Project (AOSP), identified a flaw within the Bluetooth stack of Android 14 that could lead to remote...
In 2023, GitHub users inadvertently disclosed approximately 12.8 million credentials and other confidential secrets across more than 3 million public repositories. Cybersecurity experts at GitGuardian, upon investigating this issue, dispatched 1.8 million cautionary emails...
Intel has updated the microcode for its processors to address five security vulnerabilities and has also integrated new code into the Linux kernel to mitigate the effects of a new vulnerability (CVE-2023-28746) related to...
Over the last three weeks, more than 3,900 WordPress sites have been targeted in a new malicious campaign aimed at exploiting a vulnerability in the Popup Builder plugin to inject harmful JavaScript content into...
