Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
Aug 22, 2024Ravie LakshmananVulnerability / Network Security SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that…
Category: TheHackerNews
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
Aug 22, 2024Ravie LakshmananHardware Security / Supply Chain Attack Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards…
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
Aug 22, 2024Ravie LakshmananNetwork Security / Zero-Day Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco…
New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer
Aug 22, 2024Ravie LakshmananCloud Security / Application Security As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are…
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
Aug 22, 2024Ravie LakshmananEnterprise Software / Vulnerability GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including…
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access
Aug 22, 2024Ravie LakshmananWebsite Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit…
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild
Aug 22, 2024Ravie LakshmananBrowser Security / Vulnerability Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it…
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
Aug 22, 2024Ravie LakshmananDatabase Security / Cryptocurrency Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their…
North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign
Aug 21, 2024Ravie LakshmananCyber Espionage / Malware A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean…
Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
Aug 21, 2024Ravie LakshmananSoftware Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft’s Copilot Studio that could be exploited to access…
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
Aug 21, 2024Ravie LakshmananMalware / Cryptocurrency Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious…
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
Aug 21, 2024Ravie LakshmananCyber Espionage / Threat Intelligence In what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer…