Security News

Filter by:

AI Malware Dressed Up as DeepSeek Packages Lurk in PyPi

Adversaries looking to ride the DeepSeek interest wave are taking advantage of developers in a rush to deploy the new technology, by using AI-generated malware against them.
Dark Reading 4 Feb 2025 2015 Views

Microsoft Sets End Date for Defender VPN

Though Windows, iOS, and macOS users won't need to make any changes, Android users are advised to remove their Defender VPN profiles.
Dark Reading 4 Feb 2025 1841 Views

Hackers exploit critical unpatched flaw in Zyxel CPE devices

Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July.
Bleeping Computer 3 Feb 2025 1522 Views

Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts

Cybersecurity researchers have discovered a malvertising campaign that's targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials.
The Hacker News 3 Feb 2025 7928 Views

New Syncjacking attack hijacks devices using Chrome extensions

A new attack called 'Browser Syncjacking' demonstrates the possibility of using a seemingly benign Chrome extension to take over a victim's device.
Bleeping Computer 3 Feb 2025 1529 Views

GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials.
The Hacker News 28 Jan 2025 10109 Views

Hackers steal $85 million worth of cryptocurrency from Phemex

The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency.
Bleeping Computer 28 Jan 2025 2231 Views

Ransomware gang uses SSH tunnels for stealthy VMware ESXi access

Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected. [...]
Bleepingcomputer 26 Jan 2025 1884 Views

PayPal to pay $2 million settlement over 2022 data breach

New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state's cybersecurity regulations, leading to a 2022 data breach. [...]
Bleepingcomputer 25 Jan 2025 1708 Views

Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug

No in-the-wild exploits … yet Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges to escalate to administrator on affected devices.…
The Register 24 Jan 2025 7164 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY