Fake Cisco Webex Google Ads abuse tracking templates to push malware
The threat actors can exploit a loophole in the Google Ad platform's tracking template that allows them to redirect at will while complying with Google's policy
Read More...The threat actors can exploit a loophole in the Google Ad platform's tracking template that allows them to redirect at will while complying with Google's policy
Read More...The flaw, tracked as CVE-2023-40004, allows unauthenticated users to access and manipulate token configurations on the affected extensions
Read More...Any extension running in VS Code, even malicious ones, can gain access to the Secret Storage and abuse Keytar to retrieve any stored tokens
Read More...This created an opportunity for attackers to exploit unsecured Azure Function hosts and intercept OAuth client IDs and secrets
Read More...The AMP URLs trigger a redirection to a malicious phishing site, and this additional step also adds an analysis-disrupting layer
Read More...CVE-2023-2640 is a high-severity (CVSS v3 score: 7.8) vulnerability in the Ubuntu Linux kernel caused by inadequate permission checks allowing a local attacker to gain elevated privileges
Read More...Threat actors who exploit this vulnerability can use the stolen credentials to push malicious app versions
Read More...The hacking group has a long history of targeting cryptocurrency companies and cybersecurity researchers for cyberespionage and to steal cryptocurrency
Read More...Due to these discussions, Microsoft says that they are expanding access to the premium cloud logging to all customers for free
Read More...The Fortinet advisory has clarified that FortiOS products from the 6.0, 6.2, 6.4, 2.x, and 1.x release branches are not impacted by CVE-2023-33308
Read More...