Russia says US hacked thousands of iPhones in iOS zero-click attacks
Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. The delivery…
Category: Bleeping Computer
New MOVEit Transfer zero-day mass-exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in the MOVEit Transfer file transfer software to steal data from organizations. MOVEit Transfer is a managed file…
Exploit released for RCE flaw in popular ReportLab PDF library
A researcher has published a working exploit for a remote code execution (RCE) flaw impacting ReportLab Toolkit, a popular Python library used by numerous projects…
Amazon faces $30 million fine over Ring, Alexa privacy violations
Amazon will pay $30 million in fines to settle allegations of privacy violations related to the operation of its Ring video doorbell and Alexa virtual…
Kali Linux 2023.2 released with 13 new tools, pre-built HyperV image
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for…
Terminator antivirus killer is a vulnerable Windows driver in disguise
A threat actor known as Spyboy is promoting a tool called “Terminator” on a Russian-speaking hacking forum that can allegedly terminate any antivirus, XDR, and…
Hackers exploit critical Zyxel firewall flaw in ongoing attacks
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install malware. The flaw, which is…
Stealthy SeroXen RAT malware increasingly used to target gamers
A stealthy remote access trojan (RAT) named ‘SeroXen’ has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities.…
Dark Pink hackers continue to target govt and military organizations
The Dark Pink APT hacking group continues to be very active in 2023, observed targeting government, military, and education organizations in Indonesia, Brunei, and Vietnam. The…
How to Automate for Continuous Security
With cyber-attacks becoming more sophisticated, organizations are becoming increasingly aware of the importance of safeguarding their web applications against security vulnerabilities. One common way of…
Toyota finds more misconfigured servers leaking customer info
Toyota Motor Corporation has discovered two additional misconfigured cloud services that leaked car owners’ personal information for over seven years. This finding came after the…
WordPress force installs critical Jetpack patch on 5 million sites
Automattic, the company behind the open-source WordPress content management system, has started force installing a security patch on millions of websites today to address a…