Skip to content
data breach Page 2

data breach

New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks

New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks

Apr 16, 2025Ravie LakshmananCyber Espionage / Network Security Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in… 

Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users

Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users

Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024. While using malware-laced… 

U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert

U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert

Apr 16, 2025Ravie LakshmananVulnerability Management / Incident Response The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures (CVE) program will expire Wednesday, an unprecedented development that… 

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

Apr 15, 2025Ravie LakshmananVulnerability / Software Security A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a… 

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

Apr 15, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC cryptocurrency exchange… 

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Apr 15, 2025The Hacker NewsData Privacy / Enterprise Security Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know…