15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack
New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking.
"More than 9,000 repositories are vulnerable...
Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a critical security flaw in its Outlook email service to gain unauthorized access to...
New Threat Actor ‘AeroBlade’ Emerges in Espionage Attack on U.S. Aerospace
A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what's suspected...
New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks
New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two...
New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices.
The latest version, per...
Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS...
As work ebbs with the typical end-of-year slowdown, now is a good time to review user roles and privileges and remove anyone who shouldn't...
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector.
The DanaBot...
LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in...
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent...
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department...
