Tag
A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew that's also known as APT-C-00, Canvas Cyclone (formerly Bismuth), Cobalt Kitty, and OceanLotus. The intrusion is
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices," Google Threat Analysis Group (TAG) researcher Clement
Suspected Russian hackers have compromised a series of websites to utilize sophisticated spyware exploits that are eerily similar to those created by NSO Group and Intellexa.
Online Graduate Tracer System version 1.0.0 suffers from an insecure direct object reference vulnerability.
SPIP version 4.2.5 suffers from a code execution vulnerability.
Online Bus Ticketing version 1.0 suffers from an insecure direct object reference vulnerability.
Online Appointment System version 1.0 suffers from an ignored default credential vulnerability.
Multi-Vendor Online Groceries Management System version 1.0 suffers from an ignored default credential vulnerability.
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described as connected to
Single sign-on systems from several Big Tech companies are being incorporated into deepfake generators, WIRED found. Discord and Apple have started to terminate some developers’ accounts.