The Cybersecurity and Infrastructure Security Agency (CISA) along with several leading global organizations have issued a new warning about critical vulnerabilities in the products of IT giant Ivanti. According to experts, these issues, identified...
Hoya Corporation, one of the world’s largest manufacturers of eyeglass lenses, medical endoscopes, and other optical equipment, experienced a significant disruption in its IT systems, affecting the production capabilities and order system for some...
According to a recent report by Cisco Talos, since May 2023, Vietnamese hackers have been disseminating a new info-stealer aimed at acquiring financial data. The campaign, named CoralRaider, has targeted victims in India, China,...
Visa has issued a warning about the increased activity of a new version of the malicious software JsOutProx, targeting financial institutions and their clients. The campaign has affected institutions in South and Southeast Asia,...
Specialists from Proofpoint and Team Cymru have uncovered a novel malware dubbed Latrodectus, considered an evolution of the well-known IcedID loader, which has been actively deployed in phishing campaigns since November 2023. Initially identified...
The team behind the FixedFloat project has disclosed details of a second security breach of their platform, orchestrated by the same cybercriminals responsible for the February attack. On April 1st, malefactors exploited a vulnerability...
A new vulnerability in the HTTP/2 protocol could be exploited to execute Denial of Service (DoS) attacks. This discovery, dubbed “HTTP/2 CONTINUATION Flood,” was made by cybersecurity researcher Bartek Nowotarski, who reported the issue...
In the widely utilized WordPress plugin LayerSlider, which is employed on over a million websites to craft responsive sliders, image galleries, and animations, a critical vulnerability was recently identified that enables SQL injection without...
The banking trojan Mispadu, previously known for its attacks on Latin America and Spanish-speaking users, is now targeting residents of Italy, Poland, and Sweden. According to research by Morphisec, the campaign’s targets include representatives...
Google has remedied a critical vulnerability in the Chrome browser, identified during the Pwn2Own 2024 competition in Vancouver. The vulnerability, CVE-2024-3159, stems from an out-of-bounds read error in the JavaScript V8 engine, potentially allowing...
The Financial Times, citing sources, reports that Google may be contemplating the introduction of an artificial intelligence-based search service through a subscription model, with groundwork on the underlying technology already underway. Google seems to...
Jackson County, a Missouri jurisdiction home to over 715,000 residents, fell victim to a ransomware attack that disrupted its tax payment system and online services, including property registration, marriage license issuance, and inmate searches....
A recent comprehensive study conducted by specialists at Check Point has illuminated the shadowy underbelly of cyberspace, uncovering the operations and identities of malefactors wielding the malicious software Agent Tesla. Agent Tesla is an...
Binarly, a company specializing in software security, has developed a complimentary online scanner for identifying Linux files vulnerable to a supply chain attack targeting the XZ Utils utilities, designated as CVE-2024-3094. CVE-2024-3094 constitutes a...
The popular online shopping platform PandaBuy, specializing in the delivery of clothing, footwear, and other goods from China, recently experienced a significant data breach affecting approximately 1.3 million customers. Responsibility for the system intrusion...
A cybercriminal group known as TA558 has orchestrated a vast phishing campaign aimed at a wide array of industries across Latin America, with the intent of disseminating the malicious software Venom RAT. The primary...
