Skip to content
New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency

Sep 13, 2024Ravie LakshmananEnterprise Security / Vulnerability Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle Weblogic server, is designed… 

New Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram

New Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram

Sep 12, 2024Ravie LakshmananMobile Security / Financial Fraud Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal… 

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

Sep 12, 2024Ravie LakshmananDevSecOps / Vulnerability GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user. The issue,… 

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Sep 12, 2024Ravie LakshmananCryptocurrency / Network Security Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. “Selenium Grid is a server that facilitates running test cases in… 

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Iraqi government networks have emerged as the target of an “elaborate” cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister’s Office… 

Ireland’s Watchdog Launches Inquiry into Google’s AI Data Practices in Europe

Ireland’s Watchdog Launches Inquiry into Google’s AI Data Practices in Europe

Sep 12, 2024Ravie LakshmananRegulatory Compliance / Data Protection The Irish Data Protection Commission (DPC) has announced that it has commenced a “Cross-Border statutory inquiry” into Google’s foundational artificial intelligence (AI) model to determine whether the… 

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

Sep 12, 2024Ravie LakshmananWeb Security / Content Management WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement…