Security News

Filter by:

VMware fixes critical zero-day exploit chain used at Pwn2Own

VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution systems running unpatched versions of the company's Workstation and Fusion software hypervisors. [...]
Bleepingcomputer 26 Apr 2023 812 Views

Google Authenticator will now sync your 2FA codes to use on different devices

The cloud-based syncing means you can access the two-factor authenticator codes from any device.
ZDnet 25 Apr 2023 773 Views

Hackers can breach networks using data on resold corporate routers

Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information. [...]
Bleepingcomputer 24 Apr 2023 913 Views

EvilExtractor malware activity spikes in Europe and the U.S.

Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in Europe and the U.S. [...]
Bleepingcomputer 22 Apr 2023 779 Views

Google ads push BumbleBee malware used by ransomware gangs

The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. [...]
Bleepingcomputer 22 Apr 2023 788 Views

Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach

Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come...
The Hacker News 22 Apr 2023 819 Views

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors.
Bleepingcomputer 21 Apr 2023 1200 Views

Microsoft Defender update causes Windows Hardware Stack Protection mess

In a confusing mess, a recent Microsoft Defender update rolled out a new security feature called 'Kernel-mode Hardware-enforced Stack Protection,' while removing the LSA protection feature. Unfortunately, Microsoft has not provided any documentation on this change, leading to more questions...
Bleepingcomputer 20 Apr 2023 708 Views

Hackers actively exploit critical RCE bug in PaperCut servers

Print management software developer PaperCut is warning customers to update their software immediately, as hackers are actively exploiting flaws to gain access to vulnerable servers. [...]
Bleepingcomputer 19 Apr 2023 657 Views

US, UK warn of govt hackers using custom malware on Cisco routers

The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, allowing unauthenticated access to the device. [...]
Bleepingcomputer 19 Apr 2023 573 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY