Category: Security Affairs

Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from Lumen’s Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.…

Read more →

Credential Flusher is a method that allows hackers to steal login credentials directly from the victim’s web browser. The cyber attacks have become increasingly sophisticated, putting our personal information at risk. One of the latest and most insidious techniques is…

Read more →

The U.S. Department of Treasury issued new sanctions against five executives and one entity linked to the Intellexa Consortium. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued new sanctions against five individuals and one entity associated…

Read more →

Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could…

Read more →

Remote attack on pagers used by Hezbollah in Lebanon and Syria caused their explosion; at least 8 nine people dead and more than 2,800 injured. At least nine eight individuals, including a child, were killed and over 2,800 were injured…

Read more →

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. Air Force, Navy, Army, and the FAA. The U.S. DoJ charged a Chinese national, Song Wu (39), who used spear-phishing emails to…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited…

Read more →

The personal information of a million individuals was published online following a ransomware attack that in June disrupted NHS hospitals in London. In June, a ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operations at…

Read more →

Why do consumers refuse to consent to their data being shared? Ensuring transparency on their usage and consent. In the digital world, trust is essential for the relationships between brands and consumers. However, trust is not a once-off exercise; it’s…

Read more →

D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials. D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694, CVE-2024-45695, CVE-2024-45697, impacting three wireless router models. The flaws…

Read more →

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Windows vulnerability CVE-2024-43461 as a zero-day before July 2024. The vulnerability CVE-2024-43461 is…

Read more →

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. SolarWinds released security updates to address a critical-severity remote code execution vulnerability, tracked as CVE-2024-28991 (CVSS score of 9.0), in SolarWinds Access Rights Manager (ARM)…

Read more →

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group, citing the risk of “threat intelligence” information exposure.…

Read more →

A hacker tricked ChatGPT into providing instructions to make homemade bombs demonstrating how to bypass the chatbot safety guidelines. A hacker and artist, who goes online as Amadon, tricked ChatGPT into providing instructions to make homemade bombs bypassing the safety…

Read more →

Port of Seattle confirmed on Friday that the Rhysida ransomware group was behind the cyberattack that hit the agency in August. In August, a cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport, websites and…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and its Threats to National Security and Human Rights  …

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Cloud Services Appliance OS Command Injection Vulnerability CVE-2024-8190 (CVSS score of 7.2)…

Read more →

Ivanti warned that recently patched flaw CVE-2024-8190 in Cloud Service Appliance (CSA) is being actively exploited in the wild. Ivanti warned that a newly patched vulnerability, tracked as CVE-2024-8190 (CVSS score of 7.2), in its Cloud Service Appliance (CSA) is…

Read more →

GitLab addressed multiple vulnerabilities impacting GitLab CE/EE, including a critical pipeline execution issue. GitLab released security patches for 17 vulnerabilities in GitLab CE (Community Edition) and EE (Enterprise Edition). One of these vulnerabilities is a critical pipeline execution flaw, tracked…

Read more →

A new Linux malware called Hadooken targets Oracle WebLogic servers, it has been linked to several ransomware families. Aqua Security Nautilus researchers discovered a new Linux malware, called Hadooken, targeting Weblogic servers. The name comes from the attack “surge fist”…

Read more →

Lehigh Valley Health Network ’s (LVHN) hospital network has agreed to a $65 million settlement in a class action lawsuit related to a data breach. Lehigh Valley Health Network (LVHN) is a large hospital and healthcare system based in Pennsylvania,…

Read more →

Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 million Android devices in 197 countries. Doctor Web researchers uncovered a malware, tracked as Vo1d, that infected nearly 1.3 million Android-based TV boxes belonging to users in 197…

Read more →

Fortinet disclosed a data breach after a threat actor claimed the theft of 440GB of files from the company’s Microsoft Sharepoint server. Today, Fortinet told Cyber Daily that a threat actor gained unauthorized access to a third-party service it used.…

Read more →

U.K. police arrested a 17-year-old teenager allegedly linked to the cyberattack on London’s public transportation agency, Transport for London. U.K.’s National Crime Agency announced the arrest of a 17-year-old teenager from Walsall who is allegedly linked to the cyberattack that…

Read more →

The Singapore Police Force (SPF) has arrested six individuals for their role in the operations of a cybercrime ring in the country. The Singapore Police Force (SPF) arrested five Chinese nationals, aged 32 to 42, and a 34-year-old Singaporean man…

Read more →

Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multiple vulnerabilities in its products, including critical flaws that could allow attackers to execute…

Read more →

Highline Public Schools, a school district in Washington state, remains closed following a cyberattack that occurred two days ago. Two days ago Highline Public Schools (HPS), a school district in Washington state, suffered a cyber attack that caused a significant…

Read more →

Researchers observed the RansomHub ransomware group using the TDSSKiller tool to disable endpoint detection and response (EDR) systems. The RansomHub ransomware gang is using the TDSSKiller tool to disable endpoint detection and response (EDR) systems, Malwarebytes ThreatDown Managed Detection and…

Read more →

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is a comprehensive solution designed to help organizations manage and secure…

Read more →

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for September 2024 addressed 79 vulnerabilities in Windows and Windows Components; Office and Office Components; Azure; Dynamics Business…

Read more →

The Quad7 botnet evolves and targets new  SOHO devices, including Axentra media servers, Ruckus wireless routers and Zyxel VPN appliances. The Sekoia TDR team identified additional implants associated with the Quad7 botnet operation. The botnet operators are targeting multiple SOHO…

Read more →

Poland ‘s security officials announced that they successfully thwarted cyberattacks that were carried out by Russia and Belarus. Poland security services announced they have thwarted a cyber operation orchestrated by Russia and Belarus, aimed at destabilizing the country, according to…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV)…

Read more →

Payment gateway provider Slim CD disclosed a data breach, credit card and personal data of almost 1.7 million individuals were compromised. The electronic payment gateway Slim CD disclosed a data breach following a cyberattack. Personal data and credit card details…

Read more →

Users are exploiting a privacy flaw in WhatsApp to bypass the app’s “View once” feature, allowing them to re-view messages. The ‘View Once‘ feature in WhatsApp allows users to send photos, videos, and voice messages that can only be viewed…

Read more →

Researchers warn of a fresh cluster of activity associated with the Predator spyware using a new infrastructure, following the U.S. sanctions against the Intellexa Consortium. Recorded Future researchers warn that the Predator spyware has resurfaced with fresh infrastructure after a…

Read more →

A previously undocumented threat actor tracked TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The group, which was previously undocumented, uses enterprise resource…

Read more →

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Researchers at Fortinet FortiGuard Labs reported that threat actors exploited the recently disclosed OSGeo GeoServer GeoTools flaw (CVE-2024-36401) to deliver various malware families, including…

Read more →

Progress Software released an emergency to address a maximum severity vulnerability in its LoadMaster products. Progress Software released an emergency fix for a critical vulnerability, tracked as CVE-2024-7591, that affects its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products. The vulnerability is…

Read more →

Russian And Kazakhstani men indicted for operating the Dark Web cybercriminals marketplace WWH Club and other crime forums and markets. Alex Khodyrev (35) from Kazakhstan) and Pavel Kublitskii (37) from Russia have been indicted in Tampa, Florida, for conspiracy to…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. BlackSuit Ransomware Dissecting the Cicada       Year-Long Campaign of Malicious npm Packages Targeting Roblox Users   Rocinante: The trojan horse that wanted…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Draytek VigorConnect and Kingsoft WPS Office vulnerabilities to its Known Exploited…

Read more →

A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for WordPress that accounts for over 5 million active installations. The…

Read more →

Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers’ personal information. Car rental company Avis notified customers impacted in an Augus data breach. Threat actors breached one of its business…

Read more →

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited…

Read more →

Apache addressed a remote code execution vulnerability affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache fixed a high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5) affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache OFBiz® is an…

Read more →

The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at…

Read more →

Veeam addressed 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One. Veeam security updates to address multiple vulnerabilities impacting its products, the company fixed 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider…

Read more →

The Chinese-speaking threat actor Earth Lusca used the new backdoor KTLVdoor in an attack against a trading company in China. Trend Micro Researchers spotted the Chinese-speaking threat actor Earth Lusca using a new multiplatform backdoor called KTLVdoor. The Earth Lusca…

Read more →

A cyber attack hit the German air traffic control agency (DFS) disrupting its operations, experts attribute it to Russia-linked group APT28. A cyber attack targeted the German Air Traffic Control Agency (DFS), as reported by Spiegel and European Truth. DFS,…

Read more →

Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to an increase in public charging stations. However,…

Read more →

Google addressed a security vulnerability in its Android operating system that is actively exploited in attacks in the wild. Google addressed a high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), in its Android operating system that is under active exploitation…

Read more →

A group of hacktivist known as Head Mare took advantage of the recent CVE-2023-38831 WinRAR flaw in attacks against organizations in Russia and Belarus. Kaspersky researchers reported that a hacktivist group known as Head Mare exploited recently disclosed WinRAR flaw CVE-2023-38831 in attacks against organizations in Russia and…

Read more →

D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router series. Networking hardware vendor D-Link wars of multiple remote code execution (RCE) vulnerabilities in its discontinued DIR-846 router model. The vulnerabilities CVE-2024-44341 and CVE-2024-44342 (CVSS score of…

Read more →

Taiwanese manufacturer Zyxel addressed a critical OS command injection flaw affecting multiple models of its business routers. Zyxel has released security updates to address a critical vulnerability, tracked as CVE-2024-7261 (CVSS v3 score of 9.8), impacting multiple models of its business routers.…

Read more →

VMware released a patch to address a high-severity code execution flaw in its Fusion hypervisor, users are urged to apply it. VMware addressed a high-severity code execution vulnerability, tracked as CVE-2024-38811 (CVSS 8.8/10), in its Fusion hypervisor. The vulnerability is due to…

Read more →

U.S. oil company Halliburton disclosed a data breach following the RansomHub ransomware gang attack that occurred in August. In August, Halliburton, a major U.S. oil company, announced that a cyberattack hit its IT infrastructure, particularly impacting operations at its Houston…

Read more →

Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. Cisco Talos researchers discovered eight vulnerabilities in Microsoft apps for macOS. These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and…

Read more →

Three men have pleaded guilty to operating OTP.Agency, an online service that allowed crooks to bypass Multi-Factor authentication (MFA). Three men, Callum Picari (22), Vijayasidhurshan Vijayanathan (21), and Aza Siddeeque (19), have pleaded guilty to operating OTP.Agency, an online platform…

Read more →

Transport for London (TfL) is investigating an ongoing cyberattack, however, customer information was compromised. Transport for London (TfL) is investigating an ongoing cyberattack. However, the TfL stated that there is no evidence that customer information was compromised during the incident.…

Read more →

The Toronto District School Board (TDSB) confirmed that student information was compromised in the June Lockbit ransomware attack. The Toronto District School Board (TDSB) confirmed that students’ information was compromised following a ransomware attack that was discovered in June.  The TDSB…

Read more →

A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The group appears to be very active and…

Read more →

A vulnerability in an air transport security system allowed unauthorized individuals to bypass airport security screenings. The Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs are two transport security systems that pilots, flight attendants, and other airline employees…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked APT…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules Malware infiltrates Pidgin messenger’s official plugin repository HZ Rat backdoor for macOS…

Read more →

North Korea-linked APT exploited the recently patched Google Chrome zero-day CVE-2024-7971 to deploy the FudModule rootkit. North Korea-linked group Citrine Sleet (aka AppleJeus, Labyrinth Chollima, UNC4736, Hidden Cobra) have exploited the recently patched Google Chrome zero-day CVE-2024-7971(CVSS score 8.8) to deploy…

Read more →

Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra released patches for two vulnerabilities in FileCatalyst Workflow. Once of the vulnerabilities is a critical issue, tracked as CVE-2024-6633…

Read more →

South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group APT-C-60 exploited a zero-day, tracked as CVE⁠-⁠2024⁠-⁠7262, in the Windows version of WPS Office to deploy the SpyGlace…

Read more →

Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527  (CVSS score 10.0) in the Atlassian Confluence Data Center and Confluence Server is being actively…

Read more →

Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed by surveillance firms NSO Group and Intellexa. Google TAG (Threat Analysis Group) researchers observed the Russia-linked group APT29 (aka SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes). using exploits previously used…

Read more →

Cisco addressed multiple vulnerabilities impacting NX-OS software, including a high-severity flaw in the DHCPv6 relay agent. Cisco released security updates for NX-OS software that address multiple vulnerabilities. The most severe of the vulnerabilities fixed by the IT giant is a…

Read more →

An instance of the Corona Mirai botnet spreads via AVTECH CCTV zero-day and multiple previously known vulnerabilities. Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as…

Read more →

French prosecutors charged CEO Telegram Pavel Durov with facilitating various criminal activities on the messaging platform. French prosecutors have formally charged Telegram CEO Pavel Durov with facilitating various criminal activities on the platform, including the spread of child sexual abuse…

Read more →

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft researchers reported that the Iran-linked cyberespionage group APT33  (aka Peach Sandstorm, Holmium, Elfin, Refined Kitten, and Magic Hound) used new custom multi-stage backdoor…

Read more →

A ransomware attack by the BlackSuit group on Young Consulting compromised the personal information of over 950,000 individuals. Software solutions provider Young Consulting disclosed a data breach impacting 950,000 individuals following a BlackSuit ransomware attack. On April 13 the company…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Inappropriate Implementation Vulnerability CVE-2024-38856 (CVSS score of 8.8) to its Known…

Read more →

BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks. Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score…

Read more →

The US Department of State offers a $2.5 million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. The US Department of State announced a $2.5 million reward for information leading to…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apache OFBiz Incorrect Authorization Vulnerability CVE-2024-38856 (CVSS score of 9.8) to its Known Exploited Vulnerabilities…

Read more →

A critical flaw in the WPML WordPress plugin, which is installed on 1 million websites, could allow potential compromise of affected sites. The WPML Multilingual CMS Plugin for WordPress is installed on over 1 million sites. An authenticated (Contributor+) Remote…

Read more →

China-linked APT group Volt Typhoon exploited a zero-day flaw in Versa Director to upload a custom webshell in target networks. China-linked APT Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717, in Versa Director, to deploy a custom webshell on…

Read more →

CrowdStrike researchers have identified the notorious hacker USDoD who is behind several high-profile data leaks. The notorious hacker USDoD (aka EquationCorp), who is known for high-profile data leaks, is a man from Brazil, according to a CrowdStrike investigation. The news…

Read more →

The Dutch Data Protection Authority (DPA) has fined Uber a record €290M for violating the EU data protection regulation while sending sensitive driver data to the U.S. The Dutch Data Protection Authority (DPA) has fined Uber €290 million ($324 million)…

Read more →

Google released emergency security updates to fix the tenth actively exploited Chrome zero-day vulnerability this year. Google released a security update to address a new Chrome zero-day vulnerability, tracked as CVE-2024-7965 (CVSS score 8.8), that is actively exploited. The vulnerability is…

Read more →

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. The vulnerability is…

Read more →

A cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport, websites and phone systems were impacted. Media reported that the Port of Seattle, which also operates the Seattle-Tacoma International Airport, has suffered a cyber attack…

Read more →

Researchers spotted a new stealthy Linux malware named sedexp that uses Linux udev rules to achieve persistence and evade detection. Aon’s Cyber Solutions spotted a new malware family, called sedexp, that relies on a lesser-known Linux persistence technique. The malware…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Meet UULoader: An Emerging and Evasive Malicious Installer BlindEagle flying high in Latin America   Finding Malware: Unveiling NUMOZYLOD with Google Security…

Read more →

French police arrested Pavel Durov, founder and chief executive of Telegram, due to the lack of content moderation that advantaged criminal activity. Pavel Durov, the founder and CEO of Telegram, was arrested at Bourget airport near Paris on Saturday evening. According…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Versa Director bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Versa Director Dangerous File Type Upload Vulnerability CVE-2024-39717 (CVSS score: 6.6) to its Known Exploited Vulnerabilities…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hackers can take…

Read more →

Recently, researchers warned vacuum and lawn mower robots made by Ecovacs could be hacked to spy on their owners, the company will fix it. During the recent Def Con hacking conference, security researchers Dennis Giese and Braelynn explained that attackers can…

Read more →

A Russian national was arrested in Argentina for laundering proceeds from illicit actors, including North Korea-linked Lazarus Group. This week, the Argentine Federal Police (PFA) arrested a Russian national for laundering proceeds from illicit actors and seized millions of dollars…

Read more →

Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack where operators stole credentials stored in Google Chrome browsers of a limited number…

Read more →

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The threat actors used fake apps almost indistinguishable from real…

Read more →

The Russian national Deniss Zolotarjovs has been charged in a U.S. court for his role in the Karakurt cybercrime gang. Deniss Zolotarjovs (33), a Russian cybercriminal, has been charged in a U.S. court for his role in the Russian Karakurt…

Read more →

Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. Cthulhu Stealer targets macOS users…

Read more →

China-linked APT group Velvet Ant exploited a recently disclosed zero-day in Cisco switches to take over the network appliance. Researchers at cybersecurity firm Sygnia reported that the China-linked APT group Velvet Ant has exploited the recently disclosed zero-day CVE-2024-20399 in…

Read more →