risk
-
Android Banking Malware Masquerades as Government Agencies to Attack Users
Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate…
Read More » -
Lionishackers Exfiltrate Sensitive Corporate Databases for Sale on the Dark Web
Outpost24’s threat intelligence researchers have uncovered the operations of Lionishackers, a financially motivated cyber threat actor specializing in the exfiltration…
Read More » -
Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated…
Read More » -
Microsoft Explains How Security Copilot in Intune and Entra Supports Security and IT Teams
Microsoft has detailed how its Security Copilot, an AI-powered tool, is transforming security and IT operations by embedding generative AI…
Read More » -
Ransomware Attack on Albemarle County Exposes Residents’ Personal Information
Albemarle County, Virginia, discovered irregularities in its IT infrastructure under a sophisticated ransomware attack. The breach was quickly recognized by…
Read More » -
DPC Investigates TikTok Over Transfer of EU User Data to China
The Data Protection Commission (DPC) has launched a formal inquiry into TikTok Technology Limited, scrutinizing the company’s practices regarding the…
Read More » -
Hacker Returns $42 Million in Stolen Crypto in Exchange for $5 Million Bounty
A security flaw in the GMX V1 software was made public, causing a significant upheaval in the decentralized finance (DeFi)…
Read More » -
New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages
A newly discovered man-in-the-middle exploit dubbed “Opossum” has demonstrated the unsettling ability to compromise secure communications over Transport Layer Security…
Read More » -
Reflectiz Joins the Datadog Marketplace
Reflectiz, a leading cybersecurity company specializing in web exposure management, today announced a new integration with Datadog, Inc. (NASDAQ: DDOG),…
Read More » -
11 Google-Verified Chrome Extensions Infected Over 1.7 Million Users
A chilling discovery by Koi Security has exposed a sophisticated browser hijacking campaign dubbed “RedDirection,” compromising over 1.7 million users…
Read More » -
Ivanti Products Connect Secure and Policy Secure Hit by Denial-of-Service Vulnerabilities
Ivanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could…
Read More » -
macOS SMBClient Flaw Enables Remote Code Execution and Kernel Crashes
A critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code…
Read More » -
Writable File in Lenovo Path Lets Attackers Evade AppLocker Restrictions
A security researcher has uncovered a significant vulnerability affecting Lenovo computers: a writable file within the Windows directory that can…
Read More » -
SquareX Reveals That Employees Are No Longer The Weakest Link, Browser AI Agents Are
Every security practitioner knows that employees are the weakest link in an organization, butthis is no longer the case. SquareX’s…
Read More » -
Instagram Now Rotating TLS Certificates Daily with 1-Week Validity
Instagram has begun rotating its TLS certificates on a daily basis, with each certificate valid for just over a week.…
Read More » -
Multiple PHP Vulnerabilities Enables SQLi and DoS Attacks – Update Now
Security researchers have disclosed two significant vulnerabilities in PHP, the popular server-side scripting language, that could allow attackers to launch…
Read More » -
Over 600K WordPress Sites at Risk Due to Critical Plugin Vulnerability
A critical security flaw in the popular Forminator WordPress plugin has put more than 600,000 websites worldwide at risk of remote takeover,…
Read More »