The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery… Read More »Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird). The… Read More »Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
The U.S. Federal Trade Commission (FTC) has ordered the mental telehealth company Cerebral from using or disclosing personal data for advertising purposes. It has also been fined more than $7… Read More »FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations
A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While… Read More »Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. “Organizations often store a… Read More »Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks
Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised… Read More »AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to privileged identity management aims to mitigate… Read More »Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. “The latest iteration of LightSpy,… Read More »Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical… Read More »Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir ‘Abdallah… Read More »U.S. Treasury Hamas Spokesperson for Cyber Influence Operations