Security News

Filter by:

Cisco confirms 'ongoing investigation' after crims brag about selling tons of data

Networking giant says 'no evidence' of impact on its systems but will tell customers if their info has been stolen UPDATED  Cisco has confirmed it is investigating claims of stealing — and now selling — data belonging to the networking giant.…
The Register 17 Oct 2024 7068 Views

Critical default credential bug in Kubernetes Image Builder allows SSH root access

It's called leaving the door wide open – especially in Proxmox A critical bug in Kubernetes Image Builder could allow unauthorized SSH access to virtual machines (VMs) thanks to default credentials being enabled during the image build process.…
The Register 17 Oct 2024 6992 Views

SolarWinds Web Help Desk flaw is now exploited in attacks

CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late August 2024. [...]
Bleepingcomputer 17 Oct 2024 1431 Views

WhatsApp may expose the OS you use to run it – which could expose you to crooks

Meta knows messaging service creates persistent user IDs that have different qualities on each device Updated  An analysis of Meta's WhatsApp messaging software reveals that it may expose which operating system a user is running, and their device setup information – including the number of linked...
The Register 17 Oct 2024 6844 Views

EDRSilencer red team tool used in attacks to bypass security

A tool for red-team operations called EDRSilencer has been observed in malicious incidents attempting to identify security tools and mute their alerts to management consoles. [...]
Bleepingcomputer 16 Oct 2024 1302 Views

Jetpack fixes critical information disclosure flaw existing since 2016

WordPress plugin Jetpack released a critical security update earlier today, addressing a vulnerability that allowed a logged-in user to access forms submitted by other visitors to the site. [...]
Bleepingcomputer 15 Oct 2024 1405 Views

Google warns uBlock Origin and other extensions may be disabled soon

Google's Chrome Web Store is now warning that the uBlock Origin ad blocker and other extensions may soon be blocked as part of the company's deprecation of the Manifest V2 extension specification. [...]
Bleepingcomputer 14 Oct 2024 1331 Views

Iranian hackers now exploit Windows flaw to elevate privileges

The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region. [...]
Bleepingcomputer 13 Oct 2024 1178 Views

OpenAI confirms threat actors use ChatGPT to write malware

OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks. [...]
Bleepingcomputer 12 Oct 2024 1130 Views

New Mamba 2FA bypass service targets Microsoft 365 accounts

An emerging phishing-as-a-service (PhaaS) platform called Mamba 2FA has been observed targeting Microsoft 365 accounts in AiTM attacks using well-crafted login pages.
Bleeping Computer 9 Oct 2024 1485 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY