Security News

Filter by:

CISA says GitLab account takeover bug is actively exploited in attacks

​CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...]
Bleepingcomputer 2 May 2024 40 Views

DropBox says hackers stole customer data, auth secrets from eSignature service

Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information. [...]
Bleepingcomputer 2 May 2024 36 Views

Fake job interviews target developers with new Python backdoor

A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT).
Bleeping Computer 29 Apr 2024 117 Views

New 'Brokewell' Android Malware Spread Through Fake Browser Updates

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell.
The Hacker News 29 Apr 2024 1834 Views

Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation.
The Hacker News 29 Apr 2024 1833 Views

GitLab affected by GitHub-style CDN flaw allowing malware hosting

BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
Bleeping Computer 23 Apr 2024 234 Views

Wave of ransomware on the cheap: junk guns still okay for small targets

Researchers observe a flood of crude and amateurish ransomware. But it’s cheap, difficult to trace, and comes in many flavors. This spells trouble for small business owners and other individuals.
CyberNews 23 Apr 2024 239 Views

LastPass users targeted in phishing attacks good enough to trick even the savvy

Campaign used email, SMS, and voice calls to trick targets into divulging master passwords.
Ars Technica 19 Apr 2024 3402 Views

SoumniBot malware exploits Android bugs to evade detection

A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure. [...]
Bleepingcomputer 18 Apr 2024 315 Views

Cisco warns of large-scale brute-force attacks against VPN services

Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. [...]
Bleepingcomputer 17 Apr 2024 349 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY