GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain…
Category: Bleeping Computer
Fake password manager coding test used to hack Python developers
Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include…
WordPress.org to require 2FA for plugin developers by October
Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on their accounts.…
Adobe fixes Acrobat Reader zero-day with public PoC exploit
A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a…
Chinese hackers linked to cybercrime syndicate arrested in Singapore
Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a “global syndicate.”…
Criminal IP and IPLocation.io Join Forces for Enhanced IP Analysis
Criminal IP (criminalip.io), a distinguished leader in Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, announced that it has successfully integrated its IP…
Flipper Zero releases Firmware 1.0 after three years of development
After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable hacking device. Flipper Zero…
Insights for CISOs and Admins
In today’s fast-changing world of cybersecurity, managing endpoint privileges has become essential for protecting organizational assets. For CISOs and cybersecurity teams, grasping the details of…
Wix to block Russian users starting September 12
Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to…
Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws
Today is Microsoft’s September 2024 Patch Tuesday, which includes security updates for 79 flaws, including four actively exploited and one publicly disclosed zero-days. This Patch…
Windows 11 KB5043076 cumulative update released with 19 changes
Microsoft has released the mandatory Windows 11 23H2 KB5043076 cumulative update to fix security vulnerabilities and make 19 improvements. KB5043076 is a mandatory Windows 11…
Microsoft fixes Windows Smart App Control zero-day exploited since 2018
Microsoft has fixed a Windows Smart App Control and SmartScreen flaw that has been exploited in attacks as a zero-day since at least 2018. On…