Indian security researcher Rajvardhan Agarwal recently published a proof-of-concept code for a brand new vulnerability affecting Google Chrome, Microsoft Edge, Brave, and Opera (all Chromium-based). The vulnerability resides in the V8 JavaScript engine, and it’s most likely the same flaw,…
Remember Stuxnet? Described as “the first digital weapon,” the devastating computer worm caused substantial damage to Iran’s nuclear program. Natanz Incident: What Happened? According to an announcement made on Sunday, Iran shared that an accident impacted the electricity distribution network…
Several days ago, we reported a large-scale data leak that affected 533 million Facebook accounts. The vulnerability that caused the data leak is now fixed. However, the social media platform is facing an investigation by EU regulators. The data breach…
How safe is Google Play Store? We have written about numerous cases of malicious Android apps hiding in various app stores, directly threatening the owners of the devices. This time security researchers have discovered a wormable piece of Android malware…
Hackers are currently exploiting several security vulnerabilities in popular mission-critical SAP applications. The vulnerabilities enable full takeover and give access to the targeted vulnerable organizations. Several Critical Vulnerabilities in SAP Applications According to the official CISA announcement of the attacks,…
What is the safest way to keep your passwords? Perhaps using a password manager is considered one of the better ways to manage your passwords, especially in a working environment. Unfortunately, despite the available technologies, new Keeper Security study shows…
A new spear phishing campaign leveraging LinkedIn users is using fake job offers to lure potential victims. The payload of the malicious operation is the more_eggs backdoor controlled by the Golden Chicken hackers. According to eSentire security researchers, the phishing…
Have you changed your Facebook password lately? If you haven’t, you may want to change it – security researchers reported a massive data breach exposing the phone numbers and personal details of millions of users. The exposed data consists of…
Security researchers reported vulnerabilities in several legacy models of QNAP network attached storage devices. These devices are prone to remote unauthenticated attacks due to two zero-day flaws – CVE-2020-2509 and CVE-2021-36195. According to SAM’s security research team, QNAP TS-231’s latest…
Is your online privacy respected by large tech companies? Not so much! Both Google’s Pixel and Apple’s iPhone are siphoning mobile device data without the users’ consent. According to researcher Douglas Leith from Trinity College, both iOS and Android transmit…
Cybercriminals constantly reinvent themselves and their hacking approaches. One of the latest “innovations” in the world of cyber scamming focuses on cybercrooks targeting cybersecurity researchers. Cybercrooks posing as cybersecurity researchers… targeting cybersecurity researchers “In January, the Threat Analysis Group documented…
The official PHP Git server was recently compromised in a software supply chain attack. The attackers pushed unauthorized updates to implant a backdoor in the server’s source code. PHP Git Server Cyberattack: What Should You Know? “Yesterday (2021-03-28) two malicious…
CVE-2020-11261 is a new dangerous vulnerability in Android devices. The vulnerability affects Qualcomm chipsets and their Graphics component in an issue called “improper input validation.” CVE-2020-11261: Some Details If exploited successfully, the flaw could cause memory corruption when a malicious…
Security researchers are warning of a new malware piece specifically targeting iOS developers. Known as XcodeSpy, the malware is a trojanized version of a legitimate app. XcodeSpy: Trojanized Xcode Project Targeting iOS Developers Sentinel Labs researchers recently became aware of…
New security reports indicate the emergence of new Mirai botnets exploiting specific vulnerabilities to target IoT devices. The attacks are ongoing, trying to download a malicious shell script with further infection outcomes, such as the execution of Mirai variants and…
Are you a proud owner of an iPhone or iPad? You should know that it is highly likely for Apple to change how it delivers security updates to these devices. Specific code detected in iOS 14.5 indicates that Apple is…
New analysis indicates that a well-known security vulnerability in Microsoft Office is still exploited by threat groups. The vulnerability in question is CVE-2017-11882, a memory corruption flaw in Microsoft Office Equation Editor, first discovered in December 2017. The exploit allows…
If you haven’t recently checked what version of Google Chrome you are using, you should definitely check. Google recently addressed another actively exploited zero-day vulnerability in its browser, CVE-2021-21193. This is the second time Google releases such an update within…
It seems that there’s a wave of iOS and macOS vulnerabilities being uncovered by security researchers. The latest one concerns Automatic Call Recorder, an iOS call recording application which contained a bug that could give access to users’ conversations. The…
A new vulnerability affecting iOS, macOS, watchOS, and Safari browser was recently detected by security researchers. Apple has already released a fix for the bug, CVE-2021-1844. CVE-2021-1844 in iOS, macOS, watchOS The vulnerability was discovered by two researchers: Clément Lecigne…
