mitch6 hours agoLazarus hackers breach six companies in watering hole attacksbleepingcomputer.com - Bill ToulasIn a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and …
mitch13 hours agoLinux 'io_uring' security blindspot allows stealthy rootkit attacksbleepingcomputer.com - Bill ToulasA significant security gap in Linux runtime security caused by the 'io_uring' interface allows rootkits to operate undetected on systems while …
mitch2 days agoCookie-Bite attack PoC uses Chrome extension to steal session tokensbleepingcomputer.com - Bill ToulasA proof-of-concept attack called "Cookie-Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor …
mitch3 days agoApple Issues Urgent Warning Against 'Extremely Dangerous' Attack: What To Do NextMashable - Priya SinghApple has rolled out a critical security update, iOS 18.4.1, urging all iPhone users to install it immediately to protect against two actively exploited vulnerabilities. These flaws, found in the CoreAudio and Pointer Authentication systems, could allow attackers to execute arbitrary code and …
mitch4 days agoPhishers abuse Google OAuth to spoof Google in DKIM replay attackbleepingcomputer.com - Ionut IlascuIn a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google's systems, passing …
mitch6 days agoCisco Webex bug lets hackers gain code execution via meeting linksbleepingcomputer.com - Sergiu GatlanCisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code …
