Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

New macOS Malware TodoSwift Linked to North Korean Hacking Groups

Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket," Kandji security

The Hacker News
#mac#apple#google#backdoor#pdf#The Hacker News
Czech Mobile Users Targeted in New Banking Credential Theft Scheme

Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity company ESET. "The phishing

Simple Machines Forum 2.1.4 Code Injection

Simple Machines Forum version 2.1.4 suffers from an authenticated code injection vulnerability.

Millennials’ sense of privacy uniquely tested in romantic relationships

Millennials, equipped with a strong sense of privacy in relationships, are still sharing their online accounts at similar rates of Gen Z.

How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft's applications to gain their entitlements and user-granted permissions.

Build Your Own Botnet 2.0.0 Remote Code Execution

Build Your Own Botnet (BYOB) version 2.0.0 exploit that works by spoofing an agent callback to overwrite the sqlite database and bypass authentication and exploiting an authenticated command injection in the payload builder page.