Security
Headlines
HeadlinesLatestCVEs

Tag

#google

LinkedIn bots and spear phishers target job seekers

The #opentowork hashtag may attract the wrong crowd as criminals target LinkedIn users to steal personal information, or scam them.

Malwarebytes
#web#google#microsoft#amazon#git#aws#auth#sap
The US Needs a Better Energy Grid to Win the AI Arms Race

The longer we avoid reform, the further behind we'll fall in AI innovation — and the more vulnerable we'll be.

Bumblebee Malware Is Buzzing Back to Life

Despite a law enforcement sweep last May, the sophisticated downloader malware is re-emerging.

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result

Millions of iOS and Android Users at Risk as Popular Apps Expose Cloud Keys

Millions of iOS and Android users are at risk after Symantec discovered that popular apps contain hardcoded, unencrypted…

The Global Surveillance Free-for-All in Mobile Ad Data

Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a powerful surveillance tool that should only be in the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites.

Highlighting TA866/Asylum Ambuscade Activity Since 2021

TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020.

Samsung Zero-Day Vuln Under Active Exploit, Google Warns

If exploited, bad actors can execute arbitrary code while evading detection thanks to a renamed process.

Swarms of Fake WordPress Plug-ins Infect Sites With Infostealers

GoDaddy flagged a ClickFix campaign that infected 6,000 sites in a one-day period, with attackers using stolen admin credentials to distribute malware.