Security
Headlines
HeadlinesLatestCVEs

Latest News

Initial Access Broker Self-Patches Zero Days as Turf Control

A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to the same network.

DARKReading
Open in Source
#vulnerability#zero_day
US Treasury Sanctions BPH Provider Aeza Group

In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.

AI Tackles Binary Code Challenges to Fortify Supply Chain Security

Analyzing binary code helps vendors and organizations detect security threats and zero-day vulnerabilities in the software supply chain, but it doesn't come without challenges. It looks like AI has come to the rescue.

Russian APT 'Gamaredon' Hits Ukraine With Fierce Phishing

A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.

ClickFix Spin-Off Attack Bypasses Key Browser Safeguards

A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware.

A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of Cyberattacks Right Now

The Scattered Spider hacking group has caused chaos among retailers, insurers, and airlines in recent months. Researchers warn that its flexible structure poses challenges for defense.

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually for macOS malware, the threat actors employ a process injection technique and remote communications via wss, the TLS-encrypted version of the WebSocket protocol,"

Qantas Confirms Major Data Breach Linked to Third-Party Vendor

Qantas has confirmed a data breach after attackers gained access through a third-party call centre platform, affecting millions…

GHSA-3w94-vq2x-v5wr: ethereum does not check transaction malleability for EIP-2930, EIP-1559 and EIP-7702 transactions

### Impact Prior to `ethereum` crate v0.18.0, signature malleability (according to EIP-2) was only checked for "legacy" transactions, but not for EIP-2930, EIP-1559 and EIP-7702 transactions. This is a specification deviation and therefore a high severity advisory if the `ethereum` crate is used for Ethereum mainnet. Note that signature malleability itself is not a security issue, and therefore if the `ethereum` crate is used on a single-implementation blockchain, it's a low/informational severity advisory. ### Patches The issue is fixed in `ethereum` v0.18.0 ### Workarounds You can also manually check transaction malleability outside of the crate. But it's recommended to simply upgrade the version. ### References See PR: https://github.com/rust-ethereum/ethereum/pull/67

1 Year Later: Lessons Learned From the CrowdStrike Outage

The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues and continuously improve.