The recently patched CrossBarking vulnerability in the Opera web browser allowed malicious extensions to exploit non-public APIs, leading to unauthorized access and harmful actions such as hijacking accounts and modifying browser settings.
On October 29, 2024, Apple issued critical security updates for iOS 18.1, iPadOS 18.1, and macOS 15.1, fixing 77 vulnerabilities including issues that could allow unauthorized access and data leaks.
North Korean threat actor Jumpy Pisces has shifted from cyberespionage to financially motivated attacks by collaborating with the Play ransomware group, leading to significant cyber incidents affecting approximately 300 organizations.
The SYS01stealer campaign, active since early 2023, targets Facebook business accounts through malvertising to steal sensitive data and distribute malware.
FakeCall, an advanced Android banking Trojan, hijacks calls to bank customer support, enabling attackers to extract sensitive data from unsuspecting users.
The United States government is investigating a significant cybersecurity breach involving unauthorized access to telecommunications infrastructure by a Chinese cyber espionage group known as Salt Typhoon, which has targeted high-profile individuals, including members of the Trump family and officials from the Biden administration, raising serious national security concerns.
