Citrix RCE bug exploited to breach critical infrastructure org
Threat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519,…
Category: Bleeping Computer
VirusTotal apologizes for data leak affecting 5,600 customers
VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their info to the…
GitHub warns of Lazarus hackers targeting devs with malicious projects
GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their…
Adobe fixes patch bypass for exploited ColdFusion CVE-2023-29298 flaw
Adobe released an emergency ColdFusion security update that fixes critical vulnerabilities, including a fix for a new zero-day exploited in attacks. As part of today’s…
Threat Actors are Targeting Your Web Applications – Here’s How To Protect Them
Web applications remain a prime target for cyberattacks, posing significant risks to businesses and their bottom lines. So much so, in fact, that a staggering…
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers
Image: Bing Image Creator Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software…
Google Chrome gets Windows 11’s new design
Google’s Chrome 115 has a new feature that allows users to use Windows Mica material, a design element that enhances user personalization. To access this function,…
APT41 hackers target Android users with WyrmSpy, DragonEgg spyware
The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains dubbed WyrmSpy and DragonEgg by Lookout security researchers. APT41…
New P2PInfect worm malware targets Linux and Windows Redis servers
Earlier this month, security researchers discovered a new peer-to-peer (P2P) malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems.…
JumpCloud breach traced back to North Korean state hackers
US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne and CrowdStrike. In a report published…
Estée Lauder beauty giant breached by two ransomware gangs
Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. In a…
Estée Lauder beauty giant breached in two separate ransomware attacks
Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. In a…