Security News

Filter by:

CISA warns of actively exploited Apache HugeGraph-Server bug

The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. [...]
Bleepingcomputer 20 Sep 2024 2188 Views

GitLab Warns of Max Severity Authentication Bypass Bug

Company urges organizations using self-hosting GitLab instances to apply updates for CVE-2024-45409 as soon as possible. [...]
Dark Reading 20 Sep 2024 1983 Views

Apple pulls iPadOS 18 update bricking M4 iPad Pro devices

Apple has paused the rollout of iPadOS 18 on iPad Pro tablets with the M4 chip after numerous owners reported the update is "bricking" their devices, with no way to turn them on after performing the update. [...]
Bleepingcomputer 19 Sep 2024 2179 Views

Chinese botnet infects 260,000 SOHO routers, IP cameras with malware

The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called "Raptor Train" that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. [...]
Bleepingcomputer 19 Sep 2024 2190 Views

Hackers Target Selenium Grid Servers for Proxyjacking and Cryptomining Attacks

Threat actors are infecting publicly exposed Selenium Grid servers to utilize victims' internet bandwidth for cryptomining, proxyjacking, and potentially more harmful activities.
Cyware News 16 Sep 2024 2149 Views

Windows vulnerability abused braille “spaces” in zero-day attacks

A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. [...]
Bleepingcomputer 16 Sep 2024 2348 Views

'Hadooken' Malware Targets Oracle's WebLogic Servers

A threat actor is dropping a cryptominer and distributed denial-of-service (DDoS) malware on Oracle WebLogic Servers using "Hadooken." [...]
Dark Reading 13 Sep 2024 2134 Views

New Vo1d malware infects 1.3 million Android TV streaming boxes

Threat actors have infected over 1.3 million Android TV streaming boxes with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. [...]
Bleepingcomputer 13 Sep 2024 4702 Views

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub.
Bleeping Computer 11 Sep 2024 2382 Views

Ivanti fixes maximum severity RCE bug in Endpoint Management software

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server.
Bleeping Computer 11 Sep 2024 2163 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY