Microsoft Teams bug allows malware delivery from external accounts
Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the…
Apple fixes zero-days used to deploy Triangulation spyware via iMessage
Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. [...]
New Mystic Stealer malware increasingly used in attacks
A new information-stealing malware named 'Mystic Stealer,' has been promoted on hacking forums and darknet markets since April 2023, quickly…
Attackers Create Synthetic Security Researchers to Steal IP
Threat groups created a fake security company, "High Sierra," with faux exploits and fake profiles for security researchers on GitHub…
New ‘Shampoo’ Chromeloader malware pushed via fake warez sites
A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the…
Pirated Windows 10 ISOs install clipper malware via EFI partitions
Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade…
Google triples rewards for Chrome sandbox escape chain exploits
Google announced today that bug bounty hunters who report sandbox escape chain exploits targeting its Chrome web browser are now…
Terminator antivirus killer is a vulnerable Windows driver in disguise
A threat actor known as Spyboy is promoting a Windows defense evasion tool called "Terminator" on the Russian-speaking forum RAMP…
Microsoft finds macOS bug that lets hackers bypass SIP root restrictions
Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection (SIP) to install "undeletable"…
CISA warns govt agencies of recently patched Barracuda zero-day
CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances.…