New phishing toolkit uses PWAs to steal login credentials

June 12, 2024 at 01:41PM A new phishing kit has been released enabling creation of deceptive corporate login forms using Progressive Web Apps (PWAs). PWAs are web-based apps that imitate desktop applications and can display fake address bars to make phishing forms look convincing. Security researcher mr.d0x has released templates for this technique, potentially enabling …

New Gitloker attacks wipe GitHub repos in extortion scheme

June 6, 2024 at 01:57PM Hackers are targeting GitHub repositories, wiping content, and directing victims to Telegram. This follows an ongoing campaign spotted by security researcher Germán Fernández. The threat actor, Gitloker, claims to back up and secure data but demands victims reach out on Telegram. GitHub advises users to strengthen security measures and monitor …

Hackers Exploit Legitimate Packer Software to Spread Malware Undetected

June 6, 2024 at 06:18AM Threat actors are employing legitimate packer software like BoxedApp to distribute malware, targeting financial and government sectors. Malware families like Agent Tesla and Remcos are being propagated using NSIXloader. Another packer codenamed Kiteshield has been used by threat actors to target Linux systems. These techniques aim to evade endpoint security …

Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions

June 3, 2024 at 06:30AM Security researcher Sam Curry has identified authorization bypass issues in Cox modems, allowing potential unauthorized access and the execution of malicious commands. Following responsible disclosure, the U.S. broadband provider promptly addressed the vulnerabilities. Curry’s analysis revealed potential access to sensitive customer data and the ability to modify device settings, posing …

An Argument for Coordinated Disclosure of New Exploits

May 30, 2024 at 10:06AM In 2023, over 23,000 vulnerabilities were disclosed, leading to a race to release exploits. Coordinated disclosure involves alerting vendors and waiting to publicly release findings. Full disclosure argues for immediate transparency to prompt patches. Responsible disclosure is crucial due to the potential exploitation of vulnerabilities. Publicly releasing exploit research can …

Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox

May 21, 2024 at 07:09AM A critical security flaw in the llama_cpp_python Python package (CVE-2024-34359, codenamed Llama Drama) allows threat actors to execute arbitrary code, posing a risk to data and operations. Another high-severity flaw in Mozilla’s PDF.js library permits JavaScript execution in the PDF.js context. Both issues have been addressed in recent software updates. …

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

May 19, 2024 at 04:18AM The Grandoreiro banking trojan, previously targeted at Latin America, has reemerged in a global campaign, expanding its reach to over 1,500 banks across 60+ countries. The large-scale phishing attacks utilize sophisticated malware, employing tactics to avoid detection and compromising victims’ systems, including the abuse of Microsoft Outlook to spread …

Santander Data Breach Impacts Customers, Employees

May 15, 2024 at 09:00AM Santander bank in Spain disclosed a data breach affecting some customers and employees due to unauthorized access to a third-party database. Santander clarified that the breach only impacted customers in Spain, Chile, and Uruguay, and some former employees. The bank assured customers that their operations and systems are unaffected, and …

Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own

May 14, 2024 at 11:59AM Apple released security updates to address the CVE-2024-27834 zero-day vulnerability in Safari. The flaw was exploited during Pwn2Own Vancouver, earning the discoverer $60,000. The update is available for macOS Monterey and macOS Ventura, with instructions to update Safari separately from the operating system. Pwn2Own Vancouver 2024 resulted in $1,132,500 in …

Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models

May 10, 2024 at 04:03AM Cybersecurity researchers have uncovered a new attack, LLMjacking, targeting cloud-hosted large language model (LLM) services. Attackers use stolen cloud credentials to access LLMs, exploiting vulnerable systems like Laravel Framework and AWS. By querying logging settings, attackers aim to evade detection while racking up substantial costs for victims. Organizations are advised …