Polyfill Supply Chain Attack Affects Over 100,000 Websites
A widespread supply chain attack has hit more than 100,000 websites, including notable platforms like JSTOR, Intuit, and the World Economic Forum. The attack stems…
Author: Cybernoz
Chinese Espionage Group “ChamelGang” Uses Attacks for Disruption, Data Theft
SentinelOne’s research arm, SentinelLabs, has revealed startling new details on the strategic use of ransomware by cyberespionage actors for financial gain, disruption, distraction, or misattribution.…
CVE-2024-36680:SQLi Exposure Threatens Facebook’s Customers
SQL Injection Exposure in Promokit.eu Threatens Facebook’s PrestaShop Customers PrestaShop is a free, open-source E-commerce platform launched in 2007. Built with PHP and MySQL, it…
Vic gov supplier bank details altered in cyber attacks – Security
Victorian government departments have had the bank details of suppliers that are held in a central database altered by hackers four times in the space…
Queensland Rail finds its next CIDO – Training & Development
Queensland Rail has found its next chief information and digital officer (CIDO), recruiting Darren Cavanagh from Transport for NSW to fill the vacant role. Queensland…
OpenAI delays rolling out its ‘Voice Mode’ to July – Software
ChatGPT maker OpenAI said it was delaying the release of its “Voice Mode” feature by a month to July because of technical issues. The company…
New MOVEit Transfer critical bug is actively exploited
New MOVEit Transfer critical bug is actively exploited Pierluigi Paganini June 26, 2024 Experts warn of active exploitation of a critical authentication bypass vulnerability in…
Microsoft Employee Accidentally Leaks PlayReady Source Code
A Microsoft software engineer accidentally published internal PlayReady DRM source code on a publicly accessible developer forum. The 4GB data leak contains sufficient information to…
Russian Man Indicted For Cyberattacks Targeting Ukraine, US
A U.S. grand jury has indicted a Russian citizen, Amin Timovich Stigal, for allegedly conspiring with Russia’s military intelligence agency (GRU) to launch cyberattacks crippling…
New “Snowblind” Android Malware Steals Logins, Bypasses Security Features
Promon, a leading mobile app security provider, has discovered a new Android malware called Snowblind. In their report, shared ahead of its release with Hackread.com…
Stolen data is from a bank, not US Federal Reserve
Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the…
Most critical open source projects not using memory safe code
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The…