SolarWinds Releases Hotfix for Critical Hardcoded Credential Vulnerability in Web Help Desk Software
SolarWinds has released a hotfix update to address a Critical-rated Hardcoded Credential vulnerability in its Web Help Desk (WHD) software, allowing remote unauthenticated users to access internal functionality and modify data.
View full story…
FCC Fines Lingo Telecom $1 Million for AI-Generated Robocalls Impersonating President Biden
Lingo Telecom fined by FCC for using AI to spread disinformation through robocalls impersonating President Biden during 2024 election.
View full story…
Google Releases Chrome Update to Address High-Severity Zero-Day Vulnerability
Google has released Chrome version 128.0.6613.84 to fix a high-severity zero-day vulnerability in the V8 JavaScript and WebAssembly engine, known as CVE-2024-7971.
View full story…
Latest Cybernews
Ransomware Attacks Target Cybersecurity Teams During Off-Hours, Report Finds
Global ransomware attacks have increased by 33% in the past year, with cybercriminals strategically launching attacks between 1am and 5am to catch IT staff off guard and limit their availability for detection and response.
View full story…
CERTUA Issues Warning on Vermin Phishing Campaign Targeting Ukraine
Vermin hacking collective launches new phishing campaign targeting Ukraine with FIRMACHAGENT malware, posing serious threat to organizations.
View full story…
North Korean Threat Actor Group UAT-5394 Distributing New Remote Access Trojan MoonPeak
Cisco Talos has identified a state-sponsored North Korean threat actor group distributing a new Remote Access Trojan called MoonPeak, a variant of the XenoRAT malware actively developed by the threat actor.
View full story…
Critical Privilege Escalation Vulnerability Patched in LiteSpeed Cache Plugin for WordPress
A critical security vulnerability in the LiteSpeed Cache plugin for WordPress allows unauthenticated attackers to gain administrative access, affecting over 5,000,000 sites.
View full story…
Critical Security Vulnerability Discovered in Microsoft’s Copilot Studio
A critical security vulnerability, identified as CVE-2024-38206, was recently discovered in Microsoft’s Copilot Studio by cybersecurity researchers, allowing authenticated attackers to bypass SSRF protection and access sensitive cloud-based information within Microsoft’s internal infrastructure.
View full story…
Australian Information Commissioner Halts Investigation into Clearview AI’s Use of Facial Recognition Technology in Australia
OAIC discontinues investigation into Clearview AI’s alleged unlawful use of facial recognition technology in Australia, citing lack of compliance and global concerns.
View full story…
New macOS Malware Strain TodoSwift Linked to North Korean Hacking Groups BlueNoroff and Lazarus Group
A new macOS malware strain named TodoSwift has been discovered, with connections to North Korean hacking groups BlueNoroff and Lazarus Group, using similar techniques as known malware strains KANDYKORN and RustBucket.
View full story…
78% of Tech Leaders Concerned About Security Risks in SaaS Applications
Technology leaders express worry over cybersecurity threats in SaaS applications, with nearly half reporting incidents in the past year.
View full story…
Cyberattack Disrupts Microchip Technology Operations
Microchip Technology, a semiconductor manufacturer, experienced a cyberattack that disrupted its servers and operations, impacting manufacturing facilities and orders.
View full story…
Latest Cybernews
Iranian Cyber Espionage Group TA453 Targets Jewish Leader with BlackSmith Malware
TA453, also known as Charming Kitten, targets a prominent Jewish religious figure with BlackSmith malware in a phishing campaign.
View full story…