CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting…
Critical Progress WhatsUp RCE flaw now under active exploitation
Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial…
Linux kernel impacted by new SLUBStick cross-cache attack
A novel Linux Kernel cross-cache attack named SLUBStick has a 99% success in converting a limited heap vulnerability into an arbitrary…
Google Chrome adds app-bound encryption to block infostealer malware
Google Chrome now comes with better cookie protection on Windows systems, with the addition of app-bound encryption, which improves defenses…
Russian ransomware gangs account for 69% of all ransom proceeds
Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding…
Could Intel Have Fixed Spectre & Meltdown Bugs Earlier?
Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for…
Feds Warn of North Korean Cyberattacks on US Critical Infrastructure
The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others…
BreachForums v1 database leak is an OPSEC test for hackers
The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove…
CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks
CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in…
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of…