The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Coast Guard Cyber Command (CGCYBER) have issued a joint advisory to warn organizations that threat actors continue to exploit the Log4Shell vulnerability in VMware Horizon and Unified Access Gateway (UAG) servers.
Security researchers at Lookout have analyzed a sophisticated Android spyware family that appears to have been created to serve nation-state customers.
Microsoft has fixed roughly 50 vulnerabilities with its June 2022 Patch Tuesday updates, including the actively exploited flaw known as Follina and CVE-2022-30190.
A Chinese state-sponsored threat actor known as Gallium has been using new malware in recent attacks that have been targeting organizations in the telecommunications, financial, and government sectors, Palo Alto Networks reports.
Cybercriminals likely operating out of China are distributing backdoored versions of iOS and Android Web3 wallets in an effort to steal users’ seed phrase.
A recently patched Confluence Server vulnerability is being exploited by multiple cybercrime and state-sponsored threat groups, according to Microsoft.
SentinelOne security researchers have analyzed the operations of a Chinese cyberespionage group that has been actively targeting education, government, and telecommunication organizations in Australia and Southeast Asia since at least 2013.
Security researchers with BlackBerry and Intezer have shared details on a new Linux malware that “parasitically” infects all running processes on a target machine.
Several malware families are being delivered using the recently disclosed Windows vulnerability identified as Follina and CVE-2022-30190, which remains without an official patch.
Threat actors have already started exploiting a severe vulnerability that Owl Labs addressed in its video conferencing devices earlier this week.
