August 20, 2024 at 01:33AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Jenkins to its Known Exploited Vulnerabilities catalog. The CVE-2024-23897 vulnerability, with a CVSS score of 9.8, allows code execution and has been actively exploited in ransomware attacks. Federal agencies have until September 9, 2024, to … Read more
May 23, 2024 at 01:51AM CloudSEK has warned of scammers selling fake code masquerading as NSO Group’s Pegasus spyware. The firm alleges that threat actors are distributing their own tools under Pegasus’s name to profit from its infamy. CloudSEK researchers discovered fake spyware offered for sale on various platforms and noted a shift in Apple’s … Read more
January 28, 2024 at 06:38PM CloudSEK discovered 750 million Indian mobile network subscribers’ records on the dark web, offered by two crime gangs for $3,000. The trove included names, phone numbers, addresses, and Aadhaar details. Samsung will use Baidu’s ERNIE model for its Galaxy S24 devices in China. Terraform Labs filed for Chapter 11 bankruptcy, … Read more