MavenGate is a supply chain attack that exploits abandoned libraries in Java and Android applications, allowing hackers to inject malicious code and compromise the build process.
Cybersecurity experts detect a surge in cyberattacks targeting vulnerabilities in Apache ActiveMQ hosts, revealing a stealthy web shell called the Godzilla Webshell hidden within an unknown binary format.
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to immediately implement vendor-published mitigation guidance for Ivanti Connect Secure and Ivanti Policy Secure solutions, which have been actively exploited by multiple threat actors.
Cybersecurity researchers have uncovered two advanced information stealers, NS-STEALER and Chaes malware, which infiltrate systems and collect sensitive data using various techniques.
LoanDepot, a major US-based retail mortgage lender, reveals a cyberattack in which hackers stole the personal information of approximately 16.6 million customers, raising concerns about data security and the risk of identity theft and fraud.
Microsoft reveals that its corporate systems were targeted by the Russian hacking group Midnight Blizzard, compromising email accounts of top executives and employees, but no evidence of access to customer environments or production systems was found.
