Security News

Filter by:

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors

Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities...
The Hacker News 2 Sep 2024 3000 Views

South Korean hackers exploited WPS Office zero-day to deploy malware

The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East Asian targets. [...]
Bleepingcomputer 29 Aug 2024 3021 Views

Major Backdoor In Millions Of RFID Cards Allows Instant Cloning

Packet Storm 27 Aug 2024 33122 Views

PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders.
The Register 26 Aug 2024 3171 Views

New NGate Android malware uses NFC chip to steal credit card data

A new Android malware named NGate can steal money from payment cards by relaying to an attacker's device the data read by the near-field communication (NFC) chip. [...]
Bleepingcomputer 23 Aug 2024 3502 Views

NFC Traffic Stealer Targets Android Users & Their Banking Info

The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
Dark Reading 23 Aug 2024 3181 Views

SolarWinds left critical hardcoded credentials in its Web Help Desk product

Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive...
The Register 23 Aug 2024 12834 Views

GitHub Enterprise Server vulnerable to critical auth bypass flaw

A critical vulnerability affecting multiple versions of GitHub Enterprise Server could be exploited to bypass authentication and enable an attacker to gain administrator privileges on the machine.
Bleeping Computer 22 Aug 2024 3231 Views

Hackers use PHP exploit to backdoor Windows systems with new malware

Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). [...]
Bleepingcomputer 21 Aug 2024 2911 Views

Multiple flaws in Microsoft macOS apps unpatched despite potential risks

Windows giant tells Cisco Talos it isn't fixing them Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and...
The Register 20 Aug 2024 11925 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY