The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.… Read More »CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has… Read More »Firefox Zero-Day Under Attack: Update Your Browser Immediately
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the… Read More »Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. “The vulnerabilities… Read More »Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret.… Read More »N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However,… Read More »Social Media Accounts: The Weak Link in Organizational SaaS Security
Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118… Read More »Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild
Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion… Read More »Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks
Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads. “These attacks capitalize on… Read More »Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines
Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction… Read More »Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited