Experts detected a new variant of RUSTBUCKET macOS malwareSecurity Affairs
Researchers spotted a new version of the RustBucket Apple macOS malware that supports enhanced capabilities. Researchers from the Elastic Security Labs have spotted a new…
Category: Securityaffairs
Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email…
WordPress sites using the Ultimate Member plugin are under attackSecurity Affairs
Threat actors are exploiting a critical WordPress zero-day in the Ultimate Member plugin to create secret admin accounts. Hackers are actively exploiting a critical unpatched…
LockBit gang demands a $70 million ransom to the Semiconductor Manufacturing giant TSMCSecurity Affairs
The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan…
Avast released a free decryptor for Windows version of Akira ransomwareSecurity Affairs
Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Cybersecurity firm Avast released…
Iran-linked Charming Kitten APT enhanced its POWERSTAR BackdoorSecurity Affairs
Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming…
North Korean Andariel APT used a new malware named EarlyRatSecurity Affairs
North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting…
miniOrange’s WordPress Social Login and Register plugin affected by a critical auth bypassSecurity Affairs
A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. Wordfence researchers discovered an…
The phone monitoring app LetMeSpy disclosed a data breachSecurity Affairs
Android app LetMeSpy disclosed a security breach, sensitive data associated with thousands of Android users were exposed. The phone monitoring app LetMeSpy disclosed a security breach, threat…
Previously undetected ThirdEye appears in the threat landscapeSecurity Affairs
A new Windows information stealer dubbed ThirdEye appeared in the threat landscape, it has been active since April. Fortinet FortiGuard Labs discovered a previously undetected information stealer…
Former Group-IB manager has been arrested in KazahstanSecurity Affairs
The former head of network security at Group-IB has been arrested in Kazakhstan based on a request from U.S. law enforcement. Nikita Kislitsin who worked…
Experts published PoC for Arcserve UDP auth bypass issueSecurity Affairs
Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass…