A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.
The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days.
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024.
Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March.
LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
Microsoft announced that Windows users can now log into their Microsoft consumer accounts using a passkey, allowing users to authenticate using password-less methods such as Windows Hello, FIDO2 security keys, biometric data (facial scans or fingerprints), or device PINs.
CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping.
Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft.
Given the surge of incidents within the past decade, many people are becoming familiar with ransomware and data breaches. However, a new type of cyberattack known as killware has emerged in recent years. It's now a major security issue for organizations. But what does the term "killware" actually mean? Let's take a look:
This Cybersecurity Threat Advisory details the exploitation of the critical vulnerability CVE-2023-22518 in the Atlassian Confluence Data Center and Server. Attackers are deploying a Linux variant of Cerber (aka C3RB3R) ransomware. This allows unauthenticated attackers to reset Confluence and create administrator accounts, granting them complete control over affected systems.