The US Cybersecurity and Infrastructure Security Agency (CISA) warns of active exploitation of a high-severity vulnerability in Apple iOS and macOS that allows attackers to bypass Pointer Authentication.
A Government Accountability Office (GAO) report reveals that US federal agencies are not effectively evaluating the effectiveness of their support to critical infrastructure sectors in addressing ransomware threats, jeopardizing the White House’s goal of enhancing cyber resilience.
HeadCrab 2.0 malware campaign actively targets Redis database servers worldwide, infiltrating them to create a botnet for illegal cryptocurrency mining and executing shell commands, loading fileless kernel modules, and exfiltrating data.
A new variant of the FritzFrog botnet incorporates the Log4Shell exploit to spread within compromised networks and target vulnerable servers through SSH brute force, posing a significant threat to internal assets.
The US government has imposed sanctions on two Egyptian IT experts, Al-Mawji Mahmud Salim and Sarah Jamal Muhammad Al-Sayyid, for their involvement in providing cybersecurity support and training to ISIS, disrupting the organization’s global financial networks.
A heap-based buffer overflow vulnerability in the GNU C library (glibc) has been found, enabling unauthorized users to gain root access.
