CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated…
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.…
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. The Aviatrix…
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using…
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms…
Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps. Some affected Microsoft 365 users also report…
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. With…
A pastor at a Pasco, Washington, church has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions…
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to enroll for added security against…
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server.…
Spanish telecommunications company Telefónica confirms its internal ticketing system was breached after stolen data was leaked on a hacking forum. Telefónica is a Spanish multinational…
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ransomware gangs and North Korean hackers to…
