BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
The recently uncovered 'Bootkitty' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka 'LogoFAIL,' to…
Ben Bankas can’t take a joke
Ben Bankas pondered fascism as he waited for the Cybertruck. His enemies on the left have branded his comedy “right-wing…
New Windows Server 2012 zero-day gets free, unofficial patches
Free unofficial security patches have been released through the 0patch platform to address a zero-day vulnerability introduced over two years…
Ransomware Gangs Seek Pen Testers to Boost Quality
Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.
Hackers abuse popular Godot game engine to infect thousands of PCs
Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and…
Hackers exploit ProjectSend flaw to backdoor exposed servers
Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote…
Russian Script Kiddie Assembles Massive DDoS Botnet
Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices…
Hacker in Snowflake Extortions May Be a U.S. Soldier
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data…
New NachoVPN attack uses rogue VPN servers to install malicious updates
A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall…
‘RomCom’ APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a…