ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries… Read More »ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with… Read More »China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or… Read More »What is DevSecOps and Why is it Essential for Secure Software Delivery?
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. “The threat actor employs a multi-stage attack chain… Read More »Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware… Read More »NiceRAT Malware Targets South Korean Users via Cracked Software
Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week… Read More »U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137,… Read More »Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the… Read More »Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan
Meta on Friday said it’s delaying its efforts to train the company’s large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European… Read More »Meta Halts AI Training on EU User Data Amid Privacy Concerns
Google’s plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said… Read More »Google’s Privacy Sandbox Accused of User Tracking by Austrian Non-Profit