Skip to content
data breach Page 14

data breach

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched… 

Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels

Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels

Nov 27, 2024Ravie LakshmananLinux / Malware Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who… 

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

Nov 27, 2024Ravie LakshmananMalware / Cyber Espionage The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the… 

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

Nov 27, 2024Ravie LakshmananIoT Security / Network Security A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to… 

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

Nov 26, 2024Ravie LakshmananVulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and… 

A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats

A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats

Nov 26, 2024The Hacker NewsPentest / Vulnerability Assessment When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in attack surface management, built Intel… 

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks

Nov 26, 2024Ravie LakshmananVulnerability / Cybercrime The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as… 

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group…