August 31, 2024 at 12:06PM North Korean threat actors exploited a recently patched security flaw in Google Chrome and Chromium web browsers to deploy the FudModule rootkit. Microsoft attributed this activity to a group known as Citrine Sleet, part of the Lazarus Group, targeting financial institutions involved in cryptocurrency. The attack involved a zero-day exploit … Read more
August 15, 2024 at 07:51AM Palo Alto Networks has released patches for high-severity vulnerabilities in its products, including a command injection issue in Cortex XSOAR, impacting the CommonScripts Pack. The Prisma Access Browser and two medium-severity issues have also been addressed. The company is not aware of any exploited vulnerabilities but has experienced targeted attacks … Read more
January 9, 2024 at 05:35PM Microsoft’s recent Patch Tuesday brought 49 Windows security updates and four high-severity Chrome flaws for Edge. Although there’s no active exploitation, two critical CVEs are listed as “exploitation more likely.” Adobe and SAP also released patches for their products, while Google’s Android Security Bulletin addressed 59 CVEs. No prior exploits … Read more