Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Red Hat Security Advisory 2024-5745-03

Red Hat Security Advisory 2024-5745-03 - The components for Red Hat OpenShift for Windows Containers 10.15.3 are now available.

Packet Storm
Open in Source
#vulnerability#mac#windows#red_hat#js
Google patches actively exploited zero-day in Chrome. Update now!

Google has released an update to Chrome that fixes one zero-day vulnerability and introduces Google Lens for desktop.

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. "Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky. MoonPeak, under active development

The US Government Wants You—Yes, You—to Hunt Down Generative AI Flaws

The AI ethics nonprofit Humane Intelligence and the US National Institute of Standards and Technology are launching a series of contests to get more people probing for problems in generative AI systems.

Debian Security Advisory 5752-1

Debian Linux Security Advisory 5752-1 - Two vulnerabilities have been discovered in the IMAP implementation of large headers can result in high CPU usage, leading to denial of service.

Medical Center Portal 1.0 Cross Site Request Forgery

Medical Center Portal version 1.0 suffers from a cross site request forgery vulnerability.

Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details

In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from

New macOS Malware TodoSwift Linked to North Korean Hacking Groups

Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket," Kandji security

MoonPeak malware from North Korean actors unveils new details on attacker infrastructure

Cisco Talos has uncovered a new remote access trojan (RAT) family we are calling “MoonPeak.” This a XenoRAT-based malware, which is under active development by a North Korean nexus cluster we are calling “UAT-5394.”