Skip to main content

Security News

Filter by:

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
Bleeping Computer 14 Mar 2024 461 Views

Malawi Passport System Back Online After Debilitating Cyberattack

Passport printing and distribution will resume first in Lilongwe as the immigration system gets back on its feet.
Dark Reading 14 Mar 2024 266 Views

PixPirate Android malware uses new tactic to hide on phones

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed.
Bleeping Computer 14 Mar 2024 403 Views

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs

Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. [...]
Bleepingcomputer 13 Mar 2024 423 Views

Microsoft says Windows 10 21H2 support is ending in June

Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service. [...]
Bleepingcomputer 12 Mar 2024 413 Views

Researchers expose Microsoft SCCM misconfigs usable in cyberattacks

Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. [...]
Bleepingcomputer 12 Mar 2024 338 Views

Fake Leather wallet app on Apple App Store is a crypto drainer

The developers of the Leather cryptocurrency wallet are warning of a fake app on the Apple App Store, with users reporting it is a wallet drainer that stole their digital assets. [...]
Bleepingcomputer 11 Mar 2024 312 Views

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-...
The Hacker News 11 Mar 2024 5109 Views

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. [...]
Bleepingcomputer 10 Mar 2024 318 Views

Canva Warns of Three Security Vulnerabilities in Fonts

The first, CVE-2023-45139, involved a high-severity bug in the FontTools library. The second and third vulnerabilities, CVE-2024-25081 and CVE-2024-25082, were related to naming conventions and compression.
Cyware News 9 Mar 2024 334 Views