Ransomware gang deploys new malware to kill security software
RansomHub ransomware operators have been spotted deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring…
CSC ServiceWorks discloses data breach after 2023 cyberattack
CSC ServiceWorks, a leading provider of commercial laundry services, has disclosed a data breach after the personal information of an…
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting…
Samsung to pay $1,000,000 for RCEs on Galaxy’s secure vault
Samsung has launched a new bug bounty program for its mobile devices with rewards of up to $1,000,000 for reports…
Google fixes Android kernel zero-day exploited in targeted attacks
Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. [...]
CISA warns of VMware ESXi bug exploited in ransomware attacks
CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass…
Millions of Devices Vulnerable to ‘PKFail’ Secure Boot Bypass Issue
Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices…
Progress warns of critical RCE bug in Telerik Report Server
Progress Software has warned customers to patch a critical remote code execution security flaw in the Telerik Report Server that…
China’s APT41 Targets Global Logistics, Utilities Companies
According to Mandiant, among the many cyber espionage tools the threat actor is using is a sophisticated new dropper called…
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of…