Malvertisers got inspired by the website for a German university to bypass ad security and distribute malware.
A global phishing campaign is actively exploiting a legacy Microsoft authentication system to steal user credentials and bypass multi-factor authentication (MFA), targeting over 150 organizations.
Targets are lured into a fake interview process that convinces them to download malware needed for a virtual interview.
"Agentic" AI could arrive in 2025, and it may allow hackers to send individual, AI-powered agents to do their dirty work.
An investigation into more than 300 cyberattacks against US K–12 schools over the past five years shows how schools can withhold crucial details from students and parents whose data was stolen.
Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. Successful exploitation of the flaw could lead

### Impact

This vulnerability is an **Environment Variable Injection** issue in `dotenv.stringify`, affecting `google/zx` version **8.3.1**. An attacker with control over environment variable values can inject unintended environment variables into `process.env`. This can lead to **arbitrary command execution** or **unexpected behavior** in applications that rely on environment variables for security-sensitive operations. Applications that process untrusted input and pass it through `dotenv.stringify` are particularly vulnerable.

### Patches

This issue has been **patched** in version **8.3.2**. Users should **immediately upgrade** to this version to mitigate the vulnerability.

### Workarounds

If upgrading is not feasible, users can mitigate the vulnerability by **sanitizing user-controlled environment variable values** before passing them to `dotenv.stringify`. Specifically, avoid using `"`, `'`, and backticks in values, or enforce strict validation of environment variables before u...

In an attack vector that's been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims.
A list of topics we covered in the week of January 27 to February 2 of 2025.
Plus: WhatsApp discloses nearly 100 targets of spyware, hackers used the AT&T breach to hunt for details on US politicians, and more.