相關新聞
Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign
Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and sideloaded fake apps to steal PINs.
The post Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign appeared first on TechRepublic.
TechRepublic
2026年04月21日 119 觀看次數
ZionSiphon Malware Targets Water Infrastructure Systems
ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities
Infosecurity Magazine
2026年04月21日 91 觀看次數
Apple account change alerts abused to send phishing emails
Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple's servers, increasing legitimacy and potentially allowing them to bypass spam filters. [...]
Bleepingcomputer
2026年04月20日 121 觀看次數
Vercel confirms breach as hackers claim to be selling stolen data
Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data. [...]
Bleepingcomputer
2026年04月20日 132 觀看次數
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with cybersecurity researchers...
Bleepingcomputer
2026年04月17日 130 觀看次數
Critical Nginx UI auth bypass flaw now actively exploited in the wild
A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication...
Bleepingcomputer
2026年04月16日 166 觀看次數
Over 100 Chrome Web Store extensions steal user accounts, data
More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. [...]
Bleepingcomputer
2026年04月15日 93 觀看次數
Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged for credential theft. [...]
Bleepingcomputer
2026年04月12日 129 觀看次數
New ClickFix Variant Uses Rundll32 and WebDAV to Evade PowerShell Detection
A new and more dangerous version of the ClickFix attack technique has been found actively targeting Windows users. Unlike older versions that used PowerShell or mshta to run malicious commands, this new variant takes a different path. It uses rundll32.exe and WebDAV, two built...
Cyber Security News
2026年03月31日 136 觀看次數
File read flaw in Smart Slider plugin impacts 500K WordPress sites
A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server...
Bleepingcomputer
2026年03月29日 126 觀看次數
