Please turn on your JavaScript for this page to function normally.
Microsoft Windows
Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes …

Microsoft Teams
Black Basta operators phish employees via Microsoft Teams

Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft …

Redline
Police hacks, disrupts Redline, Meta infostealer operations

The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may …

attacks
Exploited: Cisco, SharePoint, Chrome vulnerabilities

Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s …

Fortinet
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)

Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. About CVE-2024-47575 …

vmware
VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)

Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the …

roundcube
Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies …

Fortinet
Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability

In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese …

Internet Archive
The Internet Archive breach continues

Cybersecurity troubles are not over for the Internet Archive (IA), the nonprofit organization behind the popular digital library site: after the recent DDoS attacks, …

Eye
Microsoft lost some customers’ cloud security logs

Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions. What happened As reported by Business Insider earlier this month, …

malware
Israeli orgs targeted with wiper malware via ESET-branded emails

Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack …

arrest
Arrested: USDoD, Anonymous Sudan, SEC X account hacker

Law enforcement agencies have arrested suspects involved in cyber attacks claimed by USDoD and Anonymous Sudan, as well as a person involved in the hacking of SEC’s X …

Don't miss

Cybersecurity news