New “Snowblind” Android Malware Steals Logins, Bypasses Security Features
Promon, a leading mobile app security provider, has discovered a new Android malware called Snowblind. In their report, shared ahead of its release with Hackread.com…
Month: June 2024
Stolen data is from a bank, not US Federal Reserve
Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the…
Most critical open source projects not using memory safe code
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The…
War Crime Prosecutions Enter a New Digital Age
A custom platform developed by SITU Research aided the International Criminal Court’s prosecution in a war crimes trial for the first time. It could change…
Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released
The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data…
California, France Partner To Boost Data Privacy Protections
In a significant move to bolster data privacy protections, the California Privacy Protection Agency (CPPA) inked a new partnership with France’s Commission Nationale de l’Informatique…
Windows 11 KB5039302 update released with 9 changes or fixes
Microsoft has released the Windows 11 KB5039302 preview update for Windows 11 version 22H2, bringing several new features and fixes. Since this is an optional update,…
AI driven Google Naptime to help LLM to conduct vulnerability research
Security researchers face significant challenges when hunting for vulnerabilities in Large Language Models (LLMs). However, Google’s Naptime Framework provides a breakthrough in AI-driven vulnerability research,…
New MOVEit Transfer Vulnerability Under Active Exploitation
Jun 26, 2024NewsroomVulnerability / Data Protection A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild…
Credit Suisse Data Breach? 19,000 Employees’ Data Possibly Leaked
Credit Suisse, a global investment bank and financial services firm, has reportedly fallen victim to a cyberattack. The Credit Suisse data breach was allegedly masterminded…
Hackers target new MOVEit Transfer critical auth bypass bug
Threat actors are already trying to exploit a critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed it.…
Polyfill JS Library Injected Malware Into 100K+ Websites
Polyfill.js is a JavaScript library that gives modern functionality on older browsers without native support for some web features. Polyfills ensure compatibility across a wide…