Security News

Filter by:

Report: Fileless Attacks Increase by 1,400%

Protecting runtime environments requires at least a monitoring approach that includes scanning for known malicious files and network communications, then blocking them and alerting when they appear. However, this is still insufficient.
Cyware News 4 Jul 2023 8771 Views

Free Akira ransomware decryptor helps recover your files

Cybersecurity firm Avast has released a free decryptor for the Akira ransomware. Akira first appeared in March 2023 and made a name for itself by quickly amassing victims as it targeted organizations worldwide in a broad range of sectors.
Cyware News 1 Jul 2023 909 Views

Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin. The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate...
The Hacker News 1 Jul 2023 798 Views

More than 16 million people and counting have had data exposed in MOVEit breaches

Since June 1, experts have warned of the vulnerability affecting the popular file transfer software, and dozens of the biggest organizations in the U.S. and Europe have since come forward to reveal that they were affected by the situation.
Cyware News 1 Jul 2023 866 Views

MITRE releases new list of top 25 most dangerous software bugs

MITRE shared today this year's list of the top 25 most dangerous weaknesses plaguing software during the previous two years. [...]
Bleepingcomputer 30 Jun 2023 855 Views

Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel

Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks.
Dark Reading 30 Jun 2023 949 Views

NPM Plagued With 'Manifest Confusion' Malware-Hiding Weakness

The popular package manager for software developers has been vulnerable to this attack vector for a while, and negligent in fixing the problem, according to a former employee.
Dark Reading 29 Jun 2023 856 Views

Warning: JavaScript registry npm vulnerable to 'manifest confusion' abuse

Failure to match metadata with packaged files is perfect for supply chain attacks The npm Public Registry, a database of JavaScript packages, fails to compare npm package manifest data with the archive of files that data describes, creating an opportunity for the installation and execution of...
The Register 28 Jun 2023 7179 Views

Anatsa Android trojan now steals banking info from users in US, UK

A new mobile malware campaign since March 2023 pushes the Android banking trojan 'Anatsa' to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland.
Bleeping Computer 27 Jun 2023 853 Views

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack

An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy.
The Hacker News 27 Jun 2023 764 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY