相關新聞
Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack
Malicious updates available from WordPress.org create attacker-controlled admin account.
Ars Technica
2024年06月25日 190 觀看次數
![](https://cdn.arstechnica.net/wp-content/uploads/2022/02/backdoor2-760x380.jpeg)
Facebook PrestaShop module exploited to steal credit cards
Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details. [...]
Bleepingcomputer
2024年06月23日 152 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2023/12/22/credit-cards.jpg)
Warning: New Adware Campaign Targets Meta Quest App Seekers
A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust. [...]
The Hacker News
2024年06月22日 142 觀看次數
ONNX phishing service targets Microsoft 365 accounts at financial firms
A new phishing-as-a-service (PhaaS) platform called ONNX Store is targeting Microsoft 365 accounts for employees at financial firms using QR codes in PDF attachments.
Bleeping Computer
2024年06月19日 256 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2023/10/06/Microsoft_365.jpg)
VMware fixes critical vCenter RCE vulnerability, patch now
VMware has issued a security advisory addressing critical vulnerabilities in vCenter Server, including remote code execution and local privilege escalation flaws.
Bleeping Computer
2024年06月19日 113 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2023/06/28/vmware-flame-bright-white.jpg)
Google warns of actively exploited Pixel firmware zero-day
Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. [...]
Bleepingcomputer
2024年06月13日 323 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2024/01/24/google-pixel-7.jpg)
New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models
The security risks posed by the Pickle format have once again come to the fore with the discovery of a new "hybrid machine learning (ML) model exploitation technique" dubbed Sleepy Pickle. [...]
The Hacker News
2024年06月13日 164 觀看次數
Phishing emails abuse Windows search protocol to push malicious scripts
A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware. [...]
Bleepingcomputer
2024年06月13日 188 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2024/06/12/Windows.jpg)
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products -
Bifrost GPU Kernel Driver (all versions...
The Hacker News
2024年06月11日 149 觀看次數
Netgear WNR614 flaws allow device takeover, no fix available
Researchers found half a dozen vulnerabilities of varying severity impacting Netgear WNR614 N300, a budget-friendly router that proved popular among home users and small businesses. [...]
Bleepingcomputer
2024年06月11日 81 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2024/06/10/2.jpg)