?Jan 24, 2024?The Hacker NewsVulnerability / Software Security In a world where more & more organizations are adopting open-source components as foundational blocks in their application’s infrastructure, it’s difficult to consider traditional SCAs as complete…
?Jan 24, 2024?NewsroomCryptocurrency / Cybercrime Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank.…
?Jan 24, 2024?NewsroomVulnerability / Endpoint Security A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user. Tracked as CVE-2024-0204, the…
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive “criminal affiliate program,” new findings from Infoblox reveal. The latest…
?Jan 23, 2024?NewsroomSoftware Security / Supply Chain Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys stolen from developer systems on which they were…
?Jan 23, 2024?NewsroomMalware / Cryptocurrency Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data. Kaspersky, which identified the artifacts in…
?Jan 23, 2024?The Hacker NewsCybersecurity / Server Security As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore’s…
?Jan 23, 2024?NewsroomCyber Crime / Dark Web Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went…
?Jan 23, 2024?NewsroomVulnerability / Cyber Attack Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure. Tracked as…
?Jan 23, 2024?NewsroomVulnerability / Device Security Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild.…