Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version (thehackernews.com)
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices (thehackernews.com)
Quanto è sicura la sezione dei tuoi commenti? Scopri come un "grazie" apparentemente innocente sulla pagina di un prodotto ha nascosto una vulnerabilità dannosa (thehackernews.com)
Quando un “Grazie” non è un "Grazie’? Quando è un po’ di codice subdolo che è stato nascosto all’interno di un’immagine “Grazie” che qualcuno ha pubblicato nella sezione commenti di una pagina del prodotto! Il segreto colpevole nascosto all’interno di questo particolare codice è stato progettato per...
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw (thehackernews.com)
Dropbox Discloses Breach of Digital Signature Service Affecting All Users (thehackernews.com)
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw (thehackernews.com)
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks (thehackernews.com)
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability (thehackernews.com)
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks (thehackernews.com)
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike (thehackernews.com)
Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft (thehackernews.com)
BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool (thehackernews.com)
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware (thehackernews.com)
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack (thehackernews.com)
Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks (thehackernews.com)
A new stealthy backdoor malware called Kapeka, likely created by Russia’s APT group Sandworm, has been targeting Eastern Europe.
Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks (thehackernews.com)
Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts (thehackernews.com)
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files (thehackernews.com)
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel (thehackernews.com)
Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks (thehackernews.com)
Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks (thehackernews.com)
Hackers are exploiting vulnerabilities (CVE-2024-3272 and CVE-2024-3273) in D-Link NAS devices. Up to 92,000 devices affected.
Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies (thehackernews.com)
Google’s Pixel smartphones under attack. Two new Android security flaws - CVE-2024-29745 & CVE-2024-29748 - uncovered, exploited in the wild.
U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (thehackernews.com)
U.S. Cyber Safety Review Board slams Microsoft for security failures that enabled a major data breach by China-backed hackers.
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (thehackernews.com)
WordPress sites using LayerSlider versions 7.9.11 - 7.10.0 are vulnerable to attack. Hackers could steal sensitive data like passwords.