Security
Headlines
HeadlinesLatestCVEs

Tag

#git

OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal

The documents contained malicious VBA code, indicating they may be used as lures to infect organizations.

TALOS
Open in Source
#web#mac#windows#microsoft#cisco#git#intel#auth
'Sandworm' Group Is Russia's Primary Cyberattack Unit in Ukraine

But even with that focus, the sophisticated threat group has continued operations against targets globally, including the US, says Google's Mandiant.

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.

Israeli Defense Forces Hold Hybrid Cyber & Military Readiness Drills

Israel prepares for a response to Iran's April 14 drone and missile attack.

GHSA-6ppg-rgrg-f573: Dolibarr vulnerable to Cross-Site Request Forgery

Incorrect access control in Dolibarr ERP CRM versions 19.0.0 and before, allows authenticated attackers to steal victim users' session cookies and CSRF protection tokens via user interaction with a crafted web page, leading to account takeover.

GHSA-8cph-m685-6v6r: OpenFGA Authorization Bypass

# Overview Some end users of OpenFGA v1.5.0 or later are vulnerable to authorization bypass when calling Check or ListObjects APIs. # Am I Affected? You are very likely affected if your model involves exclusion (e.g. `a but not b`) or intersection (e.g. `a and b`) and you have any cyclical relationships. If you are using these, please update as soon as possible. # Fix Update to v1.5.3 # Backward Compatibility This update is backward compatible.

The Future of Business Communications: Trends Shaping the Industry

By Uzair Amir Discover how omnichannel campaign management helps businesses thrive in 2024. Learn the benefits & unlock the secrets to success in today's tech-driven market. This is a post from HackRead.com Read the original post: The Future of Business Communications: Trends Shaping the Industry

How Boards Can Prepare for Quantum Computers

Quantum computing on the level that poses a threat to current cybersecurity measures is still years off. Here's what enterprises can do now to avoid future disruptions.

GHSA-x674-v45j-fwxw: MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service

>[!IMPORTANT] >**ONLY** applications targeting Xamarin Android and .NET Android (MAUI) are impacted. All others can safely dismiss this CVE. ### Impact [MSAL.NET](https://www.nuget.org/packages/Microsoft.Identity.Client/) applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the library from versions `4.48.0` to `4.60.3` (inclusive, except `4.59.1` and `4.60.3`) are impacted by a low severity vulnerability. A malicious application running on a customer Android device can cause local denial of service against applications that were built using MSAL.NET for authentication on the same device (i.e., prevent the user of the legitimate application from logging in) due to incorrect activity export configuration. ### Patches MSAL.NET version 4.60.3 includes the fix. We recommend all users of MSAL.NET that are building public client applications for Android update to the latest version. ### Workarounds We recommend developers update to the latest version of MSA...