A critical prototype pollution vulnerability in Blitz.js, a JavaScript online application framework, has been patched to prevent remote code execution (RCE) on Node.js servers.…
General
General
Password History Requirement in Windows AD to Reduce Password Reuse
Longtime advocates of password restrictions that prevent users from using their old passwords again include IT security experts. For instance, Netwrix advises configuring your…
General
Most Enterprise Vendors, According To A New Study, Are Failing To Mitigate Attacks Using Speculative Execution
In light of the fact that speculative execution assaults continue to be a vulnerability afflicting current CPUs, recent study has revealed a “industry failure”…
General
Sality Virus Penetrates Industrial Systems Via A Password Recovery Application
A threat actor is using password “cracking” software for programmable logic controllers to infect industrial control systems (ICS) and turn them into a botnet…
General
Attackers Look For Weak Plugins on 1.6 Million WordPress Sites
Security experts have discovered a large-scale operation that searched over 1.6 million WordPress websites for the presence of a flaky plugin that permits file…
General
Android Security: How This New Malware Has Emerged As A Major Threat To SmartPhones
Only appearing a month ago, MaliBot has already established itself as one of the most common malware strains that targets Android users. One of…
General
Brute Ratel Pentest Tool Is Added by BlackCat to Attack Arsenal
Gangs Target Big Businesses in the U.S., Europe, and Asia The Brute Ratel pentesting tool with remote access features has been added to the…
General
Use-After-Free Vulnerability in Google Chrome WebGPU
A recent use-after-free vulnerability in Google Chrome’s WebGPU standard was found by Cisco Talos. Cross-platform web browser Google Chrome is built on the open-source…
General
Transparent Tribe’s Most Recent Campaign Targets The Educational Sector
At a Glance: Cisco Talos has been tracking a new malicious campaign operated by the Transparent Tribe APT group. This campaign involves the targeting…
General
3,000,000 New Android Malware Downloads From Google Play
Over 3,000,000 people downloaded a new Android malware family from the Google Play Store that discreetly subscribes users to premium services. Maxime Ingrao, an…