LottieFiles announced that specific versions of its npm package carry malicious code that prompts users to connect their cryptocurrency wallets so they can be emptied. […] Go to Source Author: Bill Toulas
Category Archives: Security
Interbank, one of Peru’s leading financial institutions, has confirmed a data breach after a threat actor who hacked into its systems leaked stolen data online. […] Go to Source Author: Sergiu Gatlan
QNAP has fixed a second zero-day vulnerability exploited at the Pwn2Own Ireland 2024 hacking contest to gain a root shell and take over a TS-464 NAS device. […] Go to Source Author: Sergiu Gatlan
The North Korean state-sponsored hacking group tracked as ‘Andariel’ has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. […] Go to Source Author: Bill Toulas
A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker’s phone number instead. […] Go to Source Author: Bill Toulas
A global large-scale dubbed “EmeraldWhale” exploited misconfigured Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories. […] Go to Source Author: Bill Toulas
The Federal Bureau of Investigation (FBI) is warning of multiple schemes taking advantage of the upcoming U.S. general election to scam people out of their money or personal data. […] Go to Source Author: Bill Toulas
Risikomanagement gehört zu den Kernkompetenzen jedes CISOs. Doch auch hier passieren immer wieder Fehler. Freedomz/Shutterstock.com CISOs wissen, dass Risikomanagement unerlässlich ist, um eine stabile Unternehmenssicherheit aufzubauen und aufrecht zu erhalten. Dennoch stolpern viele, trotz bester Absichten, immer wieder über hartnäckige Fallstricke, die ihre Bemühungen untergraben. Unabhängig von der Größe des Unternehmens ist Risikomanagement grundlegend für […]
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target’s NTLM credentials remotely. […] Go to Source Author: Sergiu Gatlan
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. […] Go to Source Author: Lawrence Abrams