Hackers Can Clone Google Titan 2FA Keys employing a Side Channel In NXP Chips
There’s wide consensus among security experts that physical two-factor authentication keys provide the foremost effective protection against account takeovers. Research published today doesn’t change...
Rocke Group’s Malware Now Has Worm Capabilities
The Pro-Ocean cryptojacking malware now comes with the power to spread sort of a worm, also as harboring new detection-evasion tactics.
Researchers have identified an...
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks
A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to...
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited...
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under...
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on...
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV)...
Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches.The issue,...
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows
Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute...
GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials
GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain access to...
Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to...