Microsoft: Unpatched Office zero-day exploited in NATO summit attacks
Microsoft disclosed today an unpatched zero-day security bug in multiple Windows and Office products exploited in the wild to gain remote…
Charming Kitten hackers use new ‘NokNok’ malware for macOS
Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that…
Apps with 1.5M installs on Google Play send your data to China
Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million…
Hackers target European government entities in SmugX campaign
A phishing campaign that security researchers named SmugX and attributed to a Chinese threat actor has been targeting embassies and…
Twitter’s bot spam keeps getting worse — it’s about porn this time
Forget crypto spam accounts, Twitter's got another problem which involves bots and accounts promoting adult content and infiltrating Direct Messages…
Exploit released for new Arcserve UDP auth bypass vulnerability
Data protection vendor Arcserve has addressed a high-severity security flaw in its Unified Data Protection (UDP) backup software that can…
Anatsa Android trojan now steals banking info from users in US, UK
A new mobile malware campaign since March 2023 pushes the Android banking trojan 'Anatsa' to online banking customers in the…
New PindOS JavaScript dropper deploys Bumblebee, IcedID malware
Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with…
Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking
Many organizations are unwittingly exposing users of their code repositories to repojacking when renaming projects, a new study shows.
Microsoft Teams bug allows malware delivery from external accounts
Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the…