A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. PayPal addresses reflected XSS bug in user wallet currency converter The kingpin behind Jokers Stash retires with a […]
The US is going to respond to the SolarWinds supply chain attack within weeks, national security adviser Jake Sullivan told CNN. The US will respond within weeks to the devastating SolarWinds supply cyber attack, national security adviser Jake Sullivan told CNN. “We are in the process now of working through, with the intelligence community and [President […]
Sequoia Capital, one of the most prominent venture capital firms, told its investors that an unauthorized third party had access to their information. Sequoia Capital, one of the most prominent venture capital firms that focus on the technology industry, discloses a data breach. The company informed its investors that an unauthorized third party had access to their […]
Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has released a second firmware update for the SMA-100 zero-day vulnerability that was exploited in attacks in the wild. SonicWall disclosed a security breach on January 22, it blamed sophisticated threat actors for the intrusion. On January, 29 […]
Experts warn of new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. Malware researchers at Red Canary uncovered a new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. According to data shared by Malwarebytes, as […]
A privacy bug in the Brave Browser caused the leak of the Tor onion URL addresses visited in the Tor mode by the users. A bug in the Private Window with Tor implemented in the Brave web browser could reveal the onion sites visited by the users. The Tor mode implemented in the Brave web […]
MassLogger Windows credential stealer infamous is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. MassLogger Windows credential stealer is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. Cisco Talos experts uncovered attacks against users in Turkey, Latvia, and Italy, the […]
Apple launched its M1 chip and cybercriminals developed a malware sample specifically for it, the latest generation of Macs are their next targets. The popular security researcher Patrick Wardle discovered one of the first malware designed to target latest generation of Apple devices using the company M1 chip. The discovery suggests threat actors are tailoring […]
Hackers abuse Google Apps Script to steal credit cards, bypass CSP Attackers are abusing Google’s Apps Script business application development platform to steal payment card information from e-stores. Sansec researchers reported that threat actors are abusing Google’s Apps Script business application development platform to steal credit card data provided by customers of e-commerce websites. “Attackers use […]
RIPE NCC has disclosed a failed credential stuffing attack against its infrastructure, it asking its members to enable 2FA for their accounts. RIPE NCC announced to have suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts. The RIPE NCC is a not-for-profit membership association, a Regional Internet Registry and the […]