Please turn on your JavaScript for this page to function normally.
Bitbucket
Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)

A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable …

LastPass
LastPass breach: Source code, proprietary tech info stolen

“An unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code …

Phishing PyPI users: Attackers compromise legitimate projects to push malware

PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …

How attackers abuse Microsoft MFA
How attackers use and abuse Microsoft MFA

Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …

GitLab
Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)

GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to …

hand
Fake DDoS protection pages are delivering malware!

Malware peddlers are exploiting users’ familiarity with and inherent trust in DDoS protection pages to make them download and run malware on their computer, Sucuri …

Ring Android app
Vulnerability in Amazon Ring app allowed access to private camera recordings

A vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, could have been …

Apple
Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)

Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in …

Microsoft
Microsoft makes tamper protection for macOS endpoints widely available

The tamper protection feature in Microsoft Defender for Endpoint for macOS is getting rolled out to all customers, the company has announced on Monday. The feature is meant …

DigitalOcean
DigitalOcean customers affected by Mailchimp “security incident”

A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on …

Signal app
1,900 Signal users exposed following Twilio breach

The attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal. …

Cisco
Cisco has been hacked by a ransomware gang

U.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site. …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools