The Joomla! Project has released a crucial security update to address a vulnerability that could allow attackers to expose sensitive environment variables. This vulnerability, identified as CVE-2023-40626, affects Joomla! CMS versions 1.6.0-4.4.0 and 5.0.0....
In the intricate web of WordPress plugins, Contact Form 7 stands out for its versatility and popularity, boasting over 5 million installations. But with great popularity comes great responsibility, and recently, a flaw has...
In the ever-evolving landscape of cybersecurity threats, a new and concerning campaign has emerged, known as the Cactus Ransomware Campaign. This campaign, as observed and analyzed by Arctic Wolf Labs, marks a novel method...
The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury has imposed sanctions on the North Korea-supported hacking group Kimsuky for stealing intelligence data to aid the strategic objectives of...
In its quarterly report on current cyber threats, Meta disclosed that it had blocked 4,789 counterfeit Facebook accounts in recent months for violating the company’s anti-disinformation policy. Meta’s investigation revealed that operators of these...
VirusTotal has introduced a new study actively exploring the potential of large language models, including neural networks, for identifying and automatically analyzing malicious code. This advancement is poised to save time for experts, focusing...
Security researchers at Cybereason have identified a new variant of the ransomware “DJVU,” masquerading as free software. According to security expert Ralph Villanueva, perpetrators employ a well-known attack scheme, but this time, it involves...
Since its emergence in April 2022, the cybercriminal group Black Basta has extorted no less than $100 million in ransoms from its victims, as evidenced by joint research conducted by Corvus Insurance and the...
The Los Angeles Police Department (LAPD) has engaged in a multimillion-dollar agreement with the Israeli firm Cobwebs Technologies to acquire a comprehensive software suite designed for the extensive collection and analysis of citizens’ geolocation...
Apple has released emergency security updates to address two critical zero-day vulnerabilities that have been actively exploited in attacks targeting iPhone, iPad, and Mac devices. These vulnerabilities, collectively known as CVE-2023-42916 and CVE-2023-42917, reside...
Zyxel, a leading provider of networking solutions, has recently released patches addressing a series of critical vulnerabilities affecting their NAS products. These vulnerabilities pose a significant risk to device security, potentially allowing unauthorized access...
In the ever-evolving landscape of cybersecurity, vigilance is paramount. Even widely used and trusted software packages are not immune to vulnerabilities. One such vulnerability, CVE-2023-49083 (CVSS score of 9.1), has been discovered in the...
User credentials – logins and passwords for accessing various services – have become some of the most prized assets for cybercriminals. According to Verizon’s 2023 report, 83% of data breaches occur due to third-party...
In a sobering revelation, a new study from Georgia Tech’s School of Cybersecurity and Privacy has found that three out of four of the world’s most popular websites are failing to implement basic password...
In the realm of wireless connectivity, Bluetooth stands as a ubiquitous technology, seamlessly connecting billions of devices worldwide. From smartphones and laptops to headsets and speakers, its pervasive presence underscores the critical need for...
Google, a frontrunner in digital security, recently announced the rollout of patches addressing seven critical security flaws, including a particularly menacing zero-day vulnerability in its Chrome browser. This actively exploited flaw, tracked as CVE-2023-6345,...
