Skip to content
software vulnerability Page 126

software vulnerability

Watch Out for ‘Latrodectus’ – This Malware Could Be In Your Inbox

Watch Out for ‘Latrodectus’ – This Malware Could Be In Your Inbox

Apr 08, 2024NewsroomCybercrime / Network Security Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. “Latrodectus is an up-and-coming… 

Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme

Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme

Apr 08, 2024NewsroomCybersecurity / Malvertising A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. “The phishing email contained a ZIP file attachment that when… 

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

Apr 06, 2024NewsroomSkimmer / Threat Intelligence Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been… 

AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

Apr 05, 2024NewsroomArtificial Intelligence / Supply Chain Attack New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges,… 

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

Apr 05, 2024NewsroomCyber Espionage / Cybersecurity Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an “evolving threat” called JSOutProx. “JSOutProx is a… 

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

Apr 05, 2024NewsroomAdvanced Persistent Threat Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under…