information security news

Attackers can bypass middleware auth checks by exploiting critical Next.js flaw<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

A critical flaw in the Next.js React framework could be exploited to bypass authorization checks under certain conditions. Maintainers of…

2 weeks ago

FBI warns of malicious free online document converters spreading malware<gwmw style="display: none; background-color: transparent;"></gwmw>

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The…

2 weeks ago

Cloak ransomware group hacked the Virginia Attorney General’s Office

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February. The…

2 weeks ago

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 38

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting…

2 weeks ago

Security Affairs newsletter Round 516 by Pierluigi Paganini – INTERNATIONAL EDITION<gwmw style="display:none;"></gwmw>

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

2 weeks ago

UAT-5918 ATP group targets critical Taiwan

Cisco Talos found UAT-5918, active since 2023, using web shells and open-source tools for persistence, info theft, and credential harvesting.…

2 weeks ago

U.S. Treasury removed sanctions against the crypto mixer service Tornado Cash<gwmw style="display: none; background-color: transparent;"></gwmw>

The U.S. Treasury is lifting sanctions on Tornado Cash, a crypto mixer accused of helping North Korea's Lazarus Group launder…

2 weeks ago

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Russian zero-day broker Operation Zero is looking for exploits for the popular messaging app Telegram, offering up to $4 million…

2 weeks ago

RansomHub affiliate uses custom backdoor Betruger<gwmw style="display:none;"></gwmw>

Symantec researchers linked a custom backdoor, called Betruger, found in recent ransomware attacks to an affiliate of the RansomHub operation.…

2 weeks ago

Cisco Smart Licensing Utility flaws actively exploited in the wild

Experts warn of the active exploitation of two recently patched security vulnerabilities affecting Cisco Smart Licensing Utility. Cisco disclosed two…

2 weeks ago

This website uses cookies.