Security
Headlines
HeadlinesLatestCVEs

Tag

#git

APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries

Introduction In today's interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of information and functionalities. However, as the use of APIs continues to rise, they have become an increasingly attractive

The Hacker News
Open in Source
#vulnerability#web#ddos#dos#git#backdoor#auth#ssl#The Hacker News
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud

LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, Retail, Hospitality,

CVE-2023-41692: WordPress Attorney theme <= 3 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hennessey Digital Attorney theme <= 3 theme.

BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground

Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credentials and system information, and much more," Zscaler ThreatLabz researchers Niraj Shivtarkar and

Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users

An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. "Zanubis's main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user into enabling the Accessibility permissions in order to take full control of the device," Kaspersky said in an

Ransomware reinfections on the rise from improper remediation

Ransomware attacks have been ramping up in 2023 and reinfections are occurring all over the globe, forcing lean IT teams to prepare. (Read more...) The post Ransomware reinfections on the rise from improper remediation appeared first on Malwarebytes Labs.

Microsoft Defender Flags Tor Browser as Win32/Malgent!MTB Malware

By Waqas Win32/Malgent!MTB is a generic detection that Microsoft Defender uses to identify Trojans that are designed to perform a variety of malicious actions on a computer. This is a post from HackRead.com Read the original post: Microsoft Defender Flags Tor Browser as Win32/Malgent!MTB Malware

Russian Court Jails Crypto Money Launderer for 12 Years

By Waqas A Russian crypto money launderer and drug trafficker has been sentenced to 11.5 years by the Ryazan region of Russia. This is a post from HackRead.com Read the original post: Russian Court Jails Crypto Money Launderer for 12 Years

GHSA-39m3-cj8c-886r: Dolibarr Cross-site Scripting vulnerability

Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr prior to 18.0.0.

CVE-2023-5323: Fix #hunter7a048bb7-bfdd-4299-931e-9bc283e92bc8 · Dolibarr/dolibarr@695ca08

Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr prior to 18.0.