Pwn2Own Toronto 2022 has ended with competitors earning $989,750 for 63 zero-day exploits (and multiple bug collisions) targeting consumer products between December…
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied…
Ransomware Attackers Bypass Microsoft’s ProxyNotShell Mitigations With Fresh Exploit
The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.
Ransomware gang uses new Microsoft Exchange exploit to breach servers
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code…
Raspberry Robin worm drops fake malware to confuse researchers
The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers…
Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.
Open-source repositories flooded by 144,000 phishing packages
Unknown threat actors have uploaded a total of 144,294 phishing-related packages on the open-source package repositories NuGet, PyPI, and NPM.…
Rash of New Ransomware Variants Springs Up in the Wild
Vohuk, ScareCrow, and AESRT add to the ransomware chaos that organizations have to contend with on a daily basis.
Clop ransomware uses TrueBot malware for access to networks
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group…
Hackers earn $989,750 for 63 zero-days exploited at Pwn2Own Toronto
Pwn2Own Toronto 2022 has ended with competitors earning $989,750 for 63 zero-day exploits (and multiple bug collisions) targeting consumer products between December…
Samsung Galaxy S22 hacked twice on first day of Pwn2Own Toronto
Contestants have hacked the Samsung Galaxy S22 smartphone twice during the first day of the Pwn2Own Toronto 2022 hacking competition,…
Sneaky hackers reverse defense mitigations when detected
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied…