Chrome Under Attack – Update ASAP
Google announced on Thursday that it has released patches to fix a significant security flaw in its Chrome browser, which has been actively exploited. The vulnerability, identified as CVE-2024-5274, is a type confusion bug found in the V8 JavaScript and WebAssembly engine. This issue was reported…
0 Comments3 Minutes
A Vulnerability in Apache Flink Is Being Actively Exploited
A Security Vulnerability in Apache Flink Is Being Actively Exploited, Says the CISA The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) list. This update includes a security flaw in Apache Flink, an open-source framework used…
0 Comments4 Minutes
Rockwell’s Call to Disconnect ICS from Internet
Rockwell Automation has issued a strong recommendation to its customers to disconnect any industrial control systems (ICS) that are not intended for internet connectivity due to an increase in cyber threats linked to global geopolitical tensions. This measure is essential to protect these systems…
0 Comments4 Minutes
Hackers Exploit Unicode in Cloud Services to Spread Malware
A new attack effort called CLOUD#REVERSER has been spotted using legitimate cloud storage services such as Google Drive and Dropbox to stage malicious payloads. “The VBScript and PowerShell scripts in CLOUD#REVERSER inherently involves command-and-control-like activities by using Google…
0 Comments5 Minutes
Google Patches Active Chrome Zero-Day Exploit
Google has resolved nine security flaws in its Chrome browser, including a critical zero-day vulnerability that has been actively exploited. This specific vulnerability, identified by the CVE code CVE-2024-4947, arises from a type confusion error within the WebAssembly and JavaScript engines of…
0 Comments3 Minutes
Google Launches AI-Enhanced Security for Android Phones
Google has unveiled a number of privacy and security enhancements for Android smartphones, including a sophisticated set of tools designed to protect users’ devices and data in the event of theft. These features are expected to be available through an update to Google Play services for…
0 Comments4 Minutes
Urgent update of Google Chrome to fix vulnerability.
On Monday, Google issued emergency patches to address a newly discovered zero-day vulnerability in the Chrome web browser. This critical flaw, identified as CVE-2024-4761, affects the V8 JavaScript and WebAssembly engine and has already been exploited by malicious actors in the wild. Initially…
0 Comments4 Minutes
Malicious Python Package Mimics Requests Logo for Sliver C2.
A malicious Python package that appears to be a spin-off of the popular requests library has been discovered by cybersecurity experts to be hiding a Golang version of the Sliver command-and-control (C2) framework behind a PNG image of the project’s logo. Requests-darwin-lite is the package…
0 Comments4 Minutes
LockBit Ransomware Shut Down
As part of a special task force known as Operation Cronos, the U.K. National Crime Agency (NCA) announced on Tuesday that it had obtained LockBit’s source code along with a wealth of information about its operations and those of its associates. “Some of the data on LockBit’s…
0 Comments8 Minutes
Hijack Loader Malware Utilizes Process Hollowing
A recent version of the Hijack Loader Malware has been seen to use a fresh set of anti-analysis methods to evade detection. “These improvements try to make the malware more stealthy, so it stays undetected for longer periods of time,” Zscaler ThreatLabz researcher Muhammad Irfan V A…
0 Comments4 Minutes