Zeljka Zorz
![email](https://img.helpnetsecurity.com/wp-content/uploads/2018/01/09102029/email-400x200.jpg)
Phishers exploit Google’s SMTP Relay service to deliver spoofed emails
Phishers are exploiting a flaw in Google’s SMTP relay service to send malicious emails spoofing popular brands. Avanan researcher Jeremy Fuchs says that starting in April …
![ecommerce](https://img.helpnetsecurity.com/wp-content/uploads/2019/12/05094040/ecommerce-400x200.jpg)
CMS-based sites under attack: The latest threats and trends
Payment card skimmers are becoming more common in exploit kits affecting WordPress websites and attackers are spending more time customizing them to avoid detection, …
![Android 13](https://img.helpnetsecurity.com/wp-content/uploads/2022/05/02132906/android13-bug-bounty-400x200.jpg)
Google offers 50% higher bounties for bugs in Android 13 Beta
Google has released Android 13 Beta 1 and has sent out a call for bug hunters: Find bugs in it, and you’ll get a 50% bonus reward payout. They should hurry up, though: …
![NAS](https://img.helpnetsecurity.com/wp-content/uploads/2021/08/12163630/nas_devices-400x200.jpg)
Critical vulnerabilities open Synology, QNAP NAS devices to attack
Users of Synology and QNAP network-attached storage (NAS) devices are advised to be on the lookout for patches for several critical vulnerabilities affecting Netatalk, an …
![danger](https://img.helpnetsecurity.com/wp-content/uploads/2019/07/09093741/danger1-400x200.jpg)
The 15 most exploited vulnerabilities in 2021
In 2021, threat actors aggressively exploited newly disclosed critical software vulnerabilities to hit a broad set of targets worldwide, says the latest advisory published by …
![Linux](https://img.helpnetsecurity.com/wp-content/uploads/2017/06/09103829/Linux2-400x200.jpg)
Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)
Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …
![ransomware](https://img.helpnetsecurity.com/wp-content/uploads/2021/08/27102024/ransomware_2_26082021-400x200.jpg)
Meteoric attack deploys Quantum ransomware in mere hours
A group wielding the Quantum Locker ransomware is hitting targets in a blitzkrieg-like manner, going from intial compromise to domain-wide deployment and execution in under …
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2018/07/09100610/windows-400x200.jpg)
Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)
Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy …
![industry](https://img.helpnetsecurity.com/wp-content/uploads/2018/10/09095907/industry-mirror-400x200.jpg)
APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
![VMware](https://img.helpnetsecurity.com/wp-content/uploads/2020/06/02111054/vmware-logo-line-400x200.jpg)
Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)
Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2020/08/11203235/patch-tuesday-mountain-400x200.jpg)
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
![Ukraine](https://img.helpnetsecurity.com/wp-content/uploads/2022/02/25195635/ukraine-man-400x200.jpg)
Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid
The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried …
Featured news
Sponsored
Don't miss
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation