Recent Security News

  • Discord still a hotbed of malware activity — Now APTs join the fun

    October 16, 2023 at 05:37PM Discord is increasingly being used by hackers and advanced persistent threat (APT) groups to distribute malware, steal data, and target critical infrastructure. Trellix’s report highlights how Discord’s content delivery network (CDN) is utilized for delivering malicious payloads, while webhooks are abused for data theft. The report also notes that APT…

    Read More

  • Malicious ‘Airstrike Alert’ App Targets Israelis

    October 16, 2023 at 05:07PM Cyber attackers are using a modified version of the RedAlert application, which warns Israelis of incoming airstrikes, to collect sensitive data from users. The spoofed version gives cybercriminals access to contacts, call logs, SMS details, and other information. Users who installed the Android version of the app from a specific…

    Read More

  • Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit

    October 16, 2023 at 04:52PM Cisco has disclosed a critical zero-day vulnerability in the Web User Interface of its IOS XE operating system. The flaw, assigned as CVE-2023-20198, affects all Cisco IOS XE devices with the Web UI feature enabled and allows attackers to create an account with complete device control. Cisco advises customers to…

    Read More

  • Kansas courts IT systems offline after ‘security incident’

    October 16, 2023 at 04:10PM The information systems of state courts across Kansas are offline due to a security incident. This includes the eFiling system, electronic payments system, and case management systems. The courts are still operational but are only accepting paper filings and payments made via fax or mail. Filing deadlines may be extended…

    Read More

  • Hackers exploit critical flaw in WordPress Royal Elementor plugin

    October 16, 2023 at 03:13PM A critical vulnerability in Royal Elementor Addons and Templates up to version 1.3.78 is being actively exploited by hackers. The flaw, tracked as CVE-2023-5360, allows unauthenticated attackers to upload arbitrary files and potentially achieve remote code execution, compromising the websites. Two WordPress security firms have reported a significant increase in…

    Read More