Akira ransomware targets Cisco VPNs to breach organizations
Akira has been using compromised Cisco VPN accounts to breach corporate networks without needing to drop additional backdoors
Read More...
Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks
Users of the PS Gallery repository are advised to adopt policies that allow execution of only signed scripts
Read More...
Raccoon Stealer malware returns with new stealthier version
The malware steals data from over 60 applications, including login credentials, credit card information, browsing history, cookies, and cryptocurrency wallet accounts
Read More...
Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign
More than 1,200 servers were backdoored before administrators installed the patch for the vulnerability
Read More...
CISA: New Whirlpool backdoor used in Barracuda ESG hacks
CVE-2023-2868 is a critical severity (CVSS v3: 9.8) remote command injection vulnerability impacting Barracuda ESG versions 5.1.3.001 through 9.2.0.006
Read More...
Rhysida ransomware behind recent attacks on healthcare
They primarily attack education, government, manufacturing, and technology and managed service provider sectors
Read More...
Dell Compellent hardcoded key exposes VMware vCenter admin creds
This AES encryption key is used to encrypt the CITV configuration file containing the program's settings, including the entered vCenter admin credentials
Read More...
Malicious extensions can abuse VS Code flaw to steal auth tokens
Any extension running in VS Code, even malicious ones, can gain access to the Secret Storage and abuse Keytar to retrieve any stored tokens
Read More...
Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws
This month's Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed
Read More...
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
The harvested data, which could also contain credentials and valuable intellectual property, is ultimately transmitted to the server in the form of a ZIP archive file
Read More...