Security researchers are warning of a new malware piece specifically targeting iOS developers. Known as XcodeSpy, the malware is a trojanized version of a legitimate app. XcodeSpy: Trojanized Xcode Project Targeting iOS Developers Sentinel Labs researchers recently became aware of…
New security reports indicate the emergence of new Mirai botnets exploiting specific vulnerabilities to target IoT devices. The attacks are ongoing, trying to download a malicious shell script with further infection outcomes, such as the execution of Mirai variants and…
Are you a proud owner of an iPhone or iPad? You should know that it is highly likely for Apple to change how it delivers security updates to these devices. Specific code detected in iOS 14.5 indicates that Apple is…
New analysis indicates that a well-known security vulnerability in Microsoft Office is still exploited by threat groups. The vulnerability in question is CVE-2017-11882, a memory corruption flaw in Microsoft Office Equation Editor, first discovered in December 2017. The exploit allows…
If you haven’t recently checked what version of Google Chrome you are using, you should definitely check. Google recently addressed another actively exploited zero-day vulnerability in its browser, CVE-2021-21193. This is the second time Google releases such an update within…
It seems that there’s a wave of iOS and macOS vulnerabilities being uncovered by security researchers. The latest one concerns Automatic Call Recorder, an iOS call recording application which contained a bug that could give access to users’ conversations. The…
A new vulnerability affecting iOS, macOS, watchOS, and Safari browser was recently detected by security researchers. Apple has already released a fix for the bug, CVE-2021-1844. CVE-2021-1844 in iOS, macOS, watchOS The vulnerability was discovered by two researchers: Clément Lecigne…
A new warning concerning the Linux community was just released. Avoid the First Release Candidate of Linux Kernel 5.12, Linus Torvalds Warns According to Linus Torvalds, open-source developers should avoid the first release candidate of Linux kernel 5.12. Even though…
During last year’s Data Privacy Day (January 27th, 2021), Apple shared its initiative “A Day in the Life of Your Data”. The document presented detailed information of how data is being collected from users, and how data brokers generally operate.…
The infamous Ryuk ransomware has received an important update, equipping it with a new work-like capability. The capability allows the ransomware to spread across compromised networks, making it even more dangerous. Ryuk ransomware updated with new worm-like capability The Ryuk…
Microsoft recently addressed four zero-day vulnerabilities in its Exchange email server. The flaws’ impact is quite alarming, as the Exchange platform is one of the most popular in enterprise infrastructure. Moreover, Microsoft believes the flaws were actively exploited by a…
Amazon Alexa’s users should be aware of a new vulnerability in the voice assistant skill vetting process. Vulnerabilities in Alexa Skill Ecosystem The loopholes could allow threat actors to publish a deceptive skill under any arbitrary developer name. They could…
A privacy bug related to the built-in Tor mode was recently patched in Brave browser. The bug was spotted by bug hunter known as xiaoyinl, and reported to Brave via its HackerOne bug bounty program. Brave Browser’s built-in Tor mode…
MassLoger is one of the most popular credential stealers out there, and it’s been detected in a new phishing campaign. The malware is capable of harvesting login details from Microsoft Outlook, Google Chrome, and some instant messenger applications. The latest…
Crypocurrency mining is once again at its peak. WatchDog, a mining malware which has been around for at least a couple of years, is one the of largest and longest-lasting Monero-mining operations so far. The operation is ongoing, and due…
Malvertising campaigns (short for malicious advertising) could bring a variety of malicious payloads by exploiting various vulnerabilities. The latest such malvertising campaign coordinated by the ScamClub group exploited a zero-day in WebKit-based browsers. The end goal of the operation was…
There’s quite a big loophole in macOS Big Sur which could lead to data loss. The bug resided in Big Sir 11.2, and was also introduced to the 11.3 version. macOS Big Sur Bug Could Lead to Data Loss Shortly…
Have you been using the Android version of the SHAREit app? Unfortunately, it turns out that the app, which has more than one billion downloads, contains unpatched vulnerabilities. The app’s developer has failed to address the bugs for more than…
A new improvement of the security of Microsoft Edge and Google Chrome will be a fact soon. Both Chrommium-based browsers will support a new security feature provided by Intel. The so-called CET feature, or Control-flow Enforcement Technology will prevent vulnerabilities.…
Are you using Telegram? If so, you should know that the messaging app fixed a privacy-related vulnerability in the macOS app. The bug made it possible to access self-destructing audio and video messages even after they were gone from secret…
