GitHub projects targeted with malicious commits to frame researcher
GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the…
NSO Group used another WhatsApp zero-day after being sued, court docs say
Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities…
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS…
Guarding the Games: Cybersecurity and the 2024 Summer Olympics
As Paris prepares to host the 2024 Summer Olympic Games, athletes from around the world converge to represent their country.…
An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more…
New Glove infostealer malware bypasses Chrome’s cookie encryption
New Glove Stealer information-stealing malware can bypass Google Chrome's Application-Bound (App-Bound) encryption to steal browser cookies. [...]
Hamas Hackers Spy on Mideast Gov’ts, Disrupt Israel
APT Wirte is doing double duty, adding all manner of supplemental malware to gain access, eavesdrop, and wipe data, depending…
OpenText Cybersecurity Unveils 2024’s Nastiest Malware
PRESS RELEASE WATERLOO, ON, Oct. 31, 2024 /PRNewswire/ — OpenText (NASDAQ: OTEX), (TSX: OTEX), has revealed its highly...
Microsoft patches Windows zero-day exploited in attacks on Ukraine
Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities.…
US indicts Snowflake hackers who extorted $2.5 million from 3 victims
The Department of Justice has unsealed the indictment against two suspected Snowflake hackers, who breached more than 165 organizations using…