The Drupal security team has released a “moderately critical” advisory to call attention to serious vulnerabilities in a third-party library and warned that hackers can exploit the bugs to remotely hijack Drupal-powered websites.
Bug hunters at Microsoft are calling attention to several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps, warning that exploitation could have allowed the implantation of a persistent backdoor on Android devices.
Researchers at Google’s Threat Analysis Group (TAG) say the number of advanced threat actors using Ukraine war-related themes in cyberattacks went up in April with a surge in malware attacks targeting critical infrastructure.
Security researchers at Mandiant are documenting the discovery of a new hacking group focused on cyberespionage targeting employees responsible for corporate development, large corporate transactions, and mergers and acquisitions.
Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.
Software maker Adobe on Tuesday shipped urgent security updates to fix code execution vulnerabilities in the widely deployed Illustrator and After Effects products.
A group of academic researchers has found a way to exploit a security flaw in the encryption algorithm used by the Hive ransomware to recover hijacked and encrypted data.
Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers’ reporting of data breaches.
If defenders needed any more urgency to patch and mitigate the explosive Log4j zero-day, along comes word that APT actors linked to China, Iran, North Korea and Turkey have already pounced and are actively exploiting the CVSS 10.0 vulnerability.
Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU built out of boolean pixel operations.
