SecurityWeek16h
ESET Flags Prototype UEFI Bootkit Targeting Linux
ESET researchers have uncovered a prototype UEFI bootkit targeting Ubuntu Linux, marking an expansion of bootkit attacks ...
SecurityWeek22h
ProjectSend Vulnerability Exploited in the Wild
VulnCheck warns of widespread exploitation of a year-and-a-half-old ProjectSend vulnerability for which multiple public ...
SecurityWeek23h
New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products
Palo Alto Networks and SonicWall VPNs affected by vulnerabilities allowing remote code execution and privilege escalation.
SecurityWeek22h
Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity
US senators introduce new legislation to protect health data and strengthen the cybersecurity of the country’s healthcare ...
SecurityWeek1d
Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack
According to CNN, Blue Yonder solutions are also used by US grocery chains, including Albertsons and Kroger, as well as other ...
SecurityWeek1d
Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery.
SecurityWeek1d
Interpol Clamps Down on Cybercrime and Arrests Over 1,000 Suspects in Africa
Interpol arrested 1,006 suspects in Africa during a massive two-month operation, clamping down on cybercrime that left tens ...
SecurityWeek1d
VMware Patches High-Severity Vulnerabilities in Aria Operations
The company warns that malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks.
SecurityWeek1d
Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites
Two vulnerabilities in the Anti-Spam by CleanTalk WordPress plugin allowed attackers to execute arbitrary code remotely.
SecurityWeek2d
Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack
Russian group APT28 conducted a Nearest Neighbor Attack, hacking into the building across the street from the victim for a Wi ...
SecurityWeek2d
Vulnerabilities Expose mySCADA myPRO Systems to Remote Hacking
Critical vulnerabilities patched by mySCADA in its myPRO HMI/SCADA product can allow remote and unauthenticated takeover of ...
SecurityWeek1d
Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways
CISA warns about attacks exploiting CVE-2023-28461, a critical vulnerability in Array Networks AG and vxAG secure access gateways.