information security news

U.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalogU.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog. The U.S.…

2 months ago
ChatGPT SSRF bug quickly becomes a favorite attack vectorChatGPT SSRF bug quickly becomes a favorite attack vector

ChatGPT SSRF bug quickly becomes a favorite attack vector

Threat actors exploit a server-side request forgery (SSRF) flaw, tracked as CVE-2024-27564, in ChatGPT, to target US financial and government…

2 months ago
GitHub Action tj-actions/changed-files was compromised in supply chain attackGitHub Action tj-actions/changed-files was compromised in supply chain attack

GitHub Action tj-actions/changed-files was compromised in supply chain attack

The GitHub Action tj-actions/changed-files was compromised, enabling attackers to extract secrets from repositories using the CI/CD workflow. Researchers reported that…

2 months ago
New StilachiRAT uses sophisticated techniques to avoid detectionNew StilachiRAT uses sophisticated techniques to avoid detection

New StilachiRAT uses sophisticated techniques to avoid detection

Microsoft discovered a new remote access trojan (RAT), dubbed StilachiRAT, that uses sophisticated techniques to avoid detection. In November 2024,…

2 months ago
Threat actors rapidly exploit new Apache Tomcat flaw following PoC release<gwmw style="display:none;"></gwmw>Threat actors rapidly exploit new Apache Tomcat flaw following PoC release<gwmw style="display:none;"></gwmw>

Threat actors rapidly exploit new Apache Tomcat flaw following PoC release<gwmw style="display:none;"></gwmw>

Threat actors began exploiting a recently disclosed Apache Tomcat vulnerability immediately after the release of a PoC exploit code. A…

2 months ago
Attackers use CSS to create evasive phishing messagesAttackers use CSS to create evasive phishing messages

Attackers use CSS to create evasive phishing messages

Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users’ actions and preferences. …

2 months ago
Researcher releases free GPU-Based decryptor for Linux Akira ransomwareResearcher releases free GPU-Based decryptor for Linux Akira ransomware

Researcher releases free GPU-Based decryptor for Linux Akira ransomware

A researcher released a free decryptor for Linux Akira ransomware, using GPU power to recover keys through brute force. Security…

2 months ago
Denmark warns of increased state-sponsored campaigns targeting the European telcosDenmark warns of increased state-sponsored campaigns targeting the European telcos

Denmark warns of increased state-sponsored campaigns targeting the European telcos

Denmark 's cybersecurity agency warns of increased state-sponsored campaigns targeting the European telecom companies Denmark raised the cyber espionage threat…

2 months ago
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 37SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 37

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 37

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Undercover…

2 months ago
Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITIONSecurity Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

2 months ago
Show more Posts
Show previous Posts