Atlassian patches critical RCE flaws across multiple products
System administrators should prioritize applying the available updates
Read More...
New proxy malware targets Mac users through pirated software
Proxy trojan malware infects computers, turning them into traffic-forwarding terminals used to anonymize malicious or illegal activities
Read More...
Fake WordPress security advisory pushes backdoor plugin
Upon installation, the plugin creates a hidden admin user named 'wpsecuritypatch' and sends information about the victim to the attackers' command and control server (C2)
Read More...
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software.
Read More...
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
Cloud Director is a VMware platform that enables admins to manage data centers spread across multiple locations as Virtual Data Centers
Read More...
Hackers use new Agent Raccoon malware to backdoor US targets
The selection of targets, nature of the deployed tools, data exfiltration methods, targeted intelligence, and the covert character of the attacks suggest that their goal is espionage
Read More...
Atomic Stealer malware strikes macOS via fake browser updates
Via this technique, dubbed "EtherHiding," the operators distributed Windows-targeting payloads, including information-stealing malware like RedLine, Amadey, and Lumma
Read More...
Google Chrome emergency update fixes 5th zero-day exploited in 2023
Google says that access to the zero-day's details might remain restricted until most users have updated their browser
Read More...
Hackers start exploiting critical ownCloud flaw, patch now
In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key
Read More...
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
It's often used as a first-stage payload, providing remote access to a compromised system and utilized to download more sophisticated second-stage tools such as ransomware
Read More...