Nuclei flaw bypasses template signature checks to execute commands
A new vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on ...
Google Chrome is making it easier to share specific parts of long PDFs
Google is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs.
New FireScam Android malware poses as RuStore app to steal data
A new Android malware named 'FireScam' is being distributed as a premium version of the Telegram app via phishing websites on ...
Bad Tenable plugin updates take down Nessus agents worldwide
Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on ...
US sanctions Chinese company linked to Flax Typhoon hackers
The U.S. Treasury Department has sanctioned Beijing-based cybersecurity company Integrity Tech (also known as Yongxin ...
Malicious npm packages target Ethereum developers' private keys
Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private ...
Apple offers $95 million in Siri privacy violation settlement
Apple has agreed to pay $95 million to settle a class action lawsuit in the U.S. alleging that its Siri assistant recorded ...
French govt contractor Atos denies Space Bears ransomware attack claims
French tech giant Atos, which secures communications for the country's military and secret services, has denied claims made by the Space Bears ransomware gang that they compromised one of its ...
Ransomware gang leaks data stolen in Rhode Island's RIBridges Breach
The Brain Cipher ransomware gang has begun to leak documents stolen in an attack on Rhode Island's "RIBridges" social ...
New DoubleClickjacking attack exploits double-clicks to hijack accounts
A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive ...
Chinese hackers targeted sanctions office in Treasury attack
Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department ...
Over 3 million mail servers without encryption exposed to sniffing attacks
Over three million POP3 and IMAP mail servers without TLS encryption are currently exposed on the Internet and vulnerable to network sniffing attacks.