Security
Headlines
HeadlinesLatestCVEs

Latest News

'ZipLine' Phishers Flip Script as Victims Email First

"ZipLine" appears to be a sophisticated and carefully planned campaign that has already affected dozens of small, medium, and large organizations across multiple industry sectors.

DARKReading
Open in Source
Nevada's State Agencies Shutter in Wake of Cyberattack

In response to a cyberattack that was first detected on Sunday, the governor shut down in-person services for state offices while restoration efforts are underway.

Scammers Steal $1 Million in Crypto Using Fake Delta and AMC Sites

Cybersecurity firm Netcraft has discovered a new task scam cluster that has stolen over $1 million in crypto.…

HackRead
Open in Source
#web#ios#js#git#alibaba
China Hijacks Captive Portals to Spy on Asian Diplomats

The Mustang Panda APT is hijacking Google Chrome browsers when they attempt to connect to new networks and redirecting them to phishing sites.

Google: Salesforce Attacks Stemmed From Third-Party App

A group tracked as UNC6395 engaged in "widespread data theft" via compromised OAuth tokens from a third-party app called Salesloft Drift.

Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks

The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. "Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,

GHSA-4x4m-3c2p-qppc: Kubernetes Nodes can delete themselves by adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection.

GHSA-f2m2-4q6r-cwc4: simple-admin-core SQL Injection vulnerability

An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited SQL injection vulnerability, which may lead to partial data leakage or disruption of normal system operations.

GHSA-rfh2-8vxq-jqr8: NodeBB SQL Injection vulnerability

NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and PostgreSQL error-based payloads.

Libbiosig, Tenda, SAIL, PDF XChange, Foxit vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed ten vulnerabilities in BioSig Libbiosig, nine in Tenda AC6 Router, eight in SAIL, two in PDF-XChange Editor, and one in a Foxit PDF Reader. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in