Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively...
Apple Issues Patch for Critical Zero-Day in iPhones, Macs – Update Now
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under...
China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware
A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to...
New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack
Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote."This malware utilizes the Squirrel installer...
U.S. State Government Network Breached via Former Employee’s Account
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account...
New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world.In a joint advisory...
New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT
Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT...
A SaaS Security Challenge: Getting Permissions All in One Place
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data...
MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices
The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments."The model...
China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics
Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that's being distributed as part of a new campaign."In the latest version, ValleyRAT...