Bleeping Computer
APRIL 22, 2023
The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. [.
Security Affairs
APRIL 22, 2023
US Cybersecurity and Infrastructure Security Agency (CISA) added MinIO, PaperCut, and Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Bleeping Computer
APRIL 22, 2023
GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging to an organization. [.
Security Affairs
APRIL 22, 2023
North Korea-linked APT group behind the 3CX supply chain attack also broke into two critical infrastructure organizations in the energy sector. Symantec researchers reported that the campaign conducted by North Korea-linked threat actors that included the 3CX supply chain attack also hit two critical infrastructure organizations in the energy sector. “The X_Trader software supply chain attack affected more organizations than 3CX.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Bleeping Computer
APRIL 22, 2023
Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in Europe and the U.S. [.
WIRED Threat Level
APRIL 22, 2023
Apple thwarts NSO’s spyware, the rise of a GPT-4 black market, Russia targets Starlink internet connections, and more.
Security Affairs
APRIL 22, 2023
Threat actors were observed installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. Researchers from Sucuri warned that threat actors are installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. The Eval PHP plugin allows PHP code to be inserted into the pages and posts of WordPress sites and then executed every time the posts are opened.
Expert insights. Personalized for you.
136 
Let's personalize your content