A critical vulnerability has not received the attention it deserves
Hundreds Infected With ‘Wasp’ Stealer in Ongoing Supply Chain Attack
Security researchers are raising alarm on an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer.
Magento Vulnerability Increasingly Exploited to Hack Online Stores
E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores.
Long-Standing Chinese Cybercrime Campaign Spoofs Over 400 Brands
Threat intelligence firm Cyjax has uncovered a long-standing and sophisticated cybercrime campaign spoofing more than 400 popular brands.
Microsoft Patches MotW Zero-Day Exploited for Malware Delivery
Microsoft’s latest Patch Tuesday updates address six zero-day vulnerabilities, including one related to the Mark-of-the-Web (MotW) security feature that has been exploited by cybercriminals to deliver malware.
Black Basta Ransomware Linked to FIN7 Cybercrime Group
The highly active Black Basta ransomware has been linked by cybersecurity firm Sentinel One to the notorious Russian cybercrime group known as FIN7.
Over 250 US News Websites Deliver Malware via Supply Chain Attack
Hundreds of regional and national news websites in the United States are delivering malware as a result of a supply chain attack involving one of their service providers.
Engineering Workstations Used as Initial Access Vector in Many ICS/OT Attacks: Survey
Organizations are more confident in their ability to detect an OT breach
VMware Warns of Exploit for Recent NSX-V Vulnerability
VMware over the weekend warned of the existence of a public exploit targeting a recently addressed critical remote code execution (RCE) vulnerability in NSX Data Center for vSphere (NSX-V).
Critical ConnectWise Vulnerability Affects Thousands of Internet-Exposed Servers
IT management software provider ConnectWise on Friday announced updates that patch a critical vulnerability which, according to cybersecurity professionals, exposes thousands of servers to attacks.