Skip to content
Security News, Assessments & Alerts Page 130

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

May 21, 2024NewsroomVulnerability / Software Development GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections. Tracked as CVE-2024-4985… 

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

May 21, 2024NewsroomCloud Security / Data Security A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. “The VBScript and PowerShell scripts… 

SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure

SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure

May 21, 2024NewsroomData Breach / Malware The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show. “The core of… 

Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox

Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox

May 21, 2024NewsroomSupply Chain Security / AI Model A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359…