Almost Every Apple Device Vulnerable To CocoaPods Supply Chain Attack

Russian APT Reportedly Behind New TeamViewer Hack

New BadSpace Backdoor Deployed In Drive-By Attacks

Notorious Cyber Gang UNC3944 Attacks vSphere And Azure To Run VMs Inside Victims' Infrastructure

VSCode Extensions With Malicious Code Installed 229M Times

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor

VMware Abused In Recent MITRE Hack For Persistence, Evasion

Linux Maintainers Were Infected For 2 Years By SSH-Dwelling Backdoor With Huge Reach

400,000 Linux Servers Hit By Ebury Botnet

Malicious PyPi Requests Fork Hides Backdoor In PNG File

Iranian Cyberspies Hit Targets With New Backdoors

Ten Years Of Heartbleed: Lessons Learned

Powerful Brokewell Android Trojan Allows Device Takeover

Millions Of IPs Remain Infected By USB Worm Years After Its Creators Left It For Dead

Nation-State Hackers Exploit Cisco Firewall Zero Days To Backdoor Government Networks

Bing Ad Posing As NordVPN Aims To Spread SecTopRAT Malware

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code execution. It was addressed by the company as part of

Major Linux Distributions Impacted By XZ Utils Backdoor

FAQ On The xz-utils Backdoor

Technologist Versus Spy: The xz Backdoor Debate

Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros

Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils

Chinese Cyberspies Targeting ASEAN Entities

Justice Dept Indicts 7 Accused In 14 Year Long Hack Campaign By Chinese Government

StrelaStealer Malware Hits More Than 100 EU And US Organizations

Suspicious NuGet Package Harvesting Info From Industrial Systems

Developers Hacked In Sophisticated Supply Chain Attack

Ransomware, RATs, And More Deployed On Compromised TeamCity Servers

Chinese APT Hacks 48 Government Organizations

Fujitsu Reveals Malware Installed On Internal Systems

Never Before Seen Linux Malware Gets Installed Using 1-Day Exploits

Microsoft Under Constant Attack By Russian Hackers, Filing Says

GTPDOOR - A Novel Backdoor Tailored For Covert Access Over The Roaming Exchange

Hikvision Patches Vuln In Security Management System

Australian Spy Chief Fears Sabotage Of Critical Infrastructure

Code Injection Or Backdoor: A New Look At Ivanti's CVE-2021-44529

Backdoors That Let Cops Decrypt Messages Violate Human Rights, EU Courts Says

Cybercriminals Are Stealing Face ID Scans To Break Into Bank Accounts

Ivanti Vuln Exploited To Deliver New DSLog Backdoor

Meet VexTrio, A Network Of 70K Hijacked Websites Crooks Use To Sling Malware, Fraud

New macOS Backdoor Linked To Prominent Ransomware Groups

HijackLoader Variant Evades Detection, Enhances Persistence

US Says China's Volt Typhoon Hackers Pre-Positioning For Cyberattacks Against Critical Infrastructure

Feds Untether Hundreds Of Routers From Volt Typhoon Botnet

5.3k Servers Still Vulnerable To GitLab Password Reset Flaw

GitHub, NPM Registry Abused To Host SSH Key-Stealing Malware

HPE Says Russian Government Hackers Had Access To Emails For 6 Months

New Class Of CI/CD Attacks Could Have Led To PyTorch Supply Chain Compromise

Actively Exploited 0-Days In Ivanti VPN Are Letting Hackers Backdoor Networks

SpectralBlur macOS Backdoor Linked To North Korea

Police Warns Hundreds Of Online Merchants Of Skimmers

Chinese Hackers Deliver Malware To Barracuda Email Security Appliances Via New Zero-Day

Iranian Hackers Target US Defense Sector With New Backdoor

Something Nasty Injected Login Stealing JavaScript Code Into 50k Online Banking Sessions

Hundreds Of Thousands Of Dollars In Crypto Stolen After Ledger Code Poisoned

NKabuse Backdoor Harnesses Blockchain Brawn To Hit Several Architectures

Chinese APT Volt Typhoon Linked To Unkillable SOHO Router Botnet

Think Tank Report Labels NSO, Lazarus As Cyber Mercenaries

PSA: Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin

Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected

Novel Mirai-Based DDoS Botnet Exploits 0-Days To Infect Routers And Security Cameras