Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card…
Windows vulnerability abused braille “spaces” in zero-day attacks
A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used…
New Windows SmartScreen bypass exploited as zero-day since March
Today, Microsoft revealed that a Mark of the Web security bypass vulnerability exploited by attackers as a zero-day to bypass…
Red Sift Launches Relevance Detection as GPT-4-Powered Asset Discovery and Classification Solution
New AI feature enhances OnDOMAIN's capabilities to secure unknown vulnerabilities and strengthen network security posture.
‘Money Lover’ Finance App Exposes User Data
A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app.
Common Vulnerabilities of Enterprise Web Security That Demands Your Attention
By Eden Allen, Cyber Security Educator, CheapSSLWeb Years ago, the way leading enterprise-level concerns were viewed differed from […] The…
Windows 11 KB5021255 and KB5021234 cumulative updates released
Microsoft has released the Windows 11 KB5021255 and KB5021234 cumulative updates for versions 22H2 and 21H2 to fix security vulnerabilities…
Fraudsters Siphon $360M From Retailers Using 50M Fake Shoppers
Cyberattackers focused on ad fraud and clickjacking stole millions during Black Friday by hijacking shopper accounts and tying up transactions.
New attacks use Windows security bypass zero-day to drop malware
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security…
Microsoft fixes MoTW zero-day used to drop malware via ISO files
Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files,…