Bigpanzi botnet infects 170,000 Android TV boxes with malware
A previously unknown cybercrime syndicate named ‘Bigpanzi’ has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015.…
Category: Bleeping Computer
Building robust cybersecurity architecture with open source tools
Cybersecurity architecture refers to the design and structure of an organization’s approach to securing its information systems. It outlines the components, policies, technologies, and processes…
AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks
A new vulnerability dubbed ‘LeftoverLocals’ affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space. Tracked…
Majorca city Calvià extorted for $11M in ransomware attack
The Calvià City Council in Majorca announced it was targeted by a ransomware attack on Saturday, which impacted municipal services. Calvià is a historic town…
GitHub rotates keys to mitigate impact of credential-exposing flaw
GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables. This unsafe reflection vulnerability…
MacOS info-stealers quickly evolve to evade XProtect detection
Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently.…
Citrix warns of new Netscaler zero-days exploited in attacks
Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day vulnerabilities. The two zero-days (tracked…
Google fixes first actively exploited Chrome zero-day of 2024
Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year. “Google is aware…
Androxgh0st malware botnet steals AWS, Microsoft credentials
CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen…
PixieFail flaws impact PXE network boot in enterprise systems
A set of nine vulnerabilities, collectively called ‘PixieFail,’ impact the IPv6 network protocol stack of Tianocore’s EDK II, the open-source reference implementation of the UEFI…
The Dual Role AI Plays in Cybersecurity: How to Stay Ahead
There’s a wide range of AI-enabled solutions available for various business use cases, and organizations are increasingly recognizing their value. According to a survey, 33…
Atlassian warns of critical RCE flaw in older Confluence versions
Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical remote code execution (RCE) vulnerability that impacts versions released before December 5, 2023,…