+84949482065
Atlassian has released an advisory warning of a critical unauthenticated remote code execution vulnerability in its Confluence Server and Data Center. The flaw, which affects all currently supported versions of…
Banks in Singapore are being required to take steps to help protect customers from online fraud. The new measures require that the banks provide customers with a kill switch that…
More than 300 users were tricked into downloading a malicious package that was uploaded to the Python Package Index (PyPI) registry. The malicious package infects Windows, macOS, and Linux systems…
ShadowServer says that when they scanned for accessible Kubernetes API instances, they found more than 380,000 that allowed some form of access on the public Internet. The scans identified 450,000…
Researchers at Microsoft have noted a “254% increase in activity from a Linux trojan called XorDdos” over the past six months. XorDdos was first detected in 2014; it targets Linux…
The new VMware, as part of Broadcom, to offer enterprise customers greater choice and flexibility to address the most complex IT infrastructure challenges. More https://www.broadcom.com/company/news/financial-releases/60271
This was a simple oversight and there is no evidence it's been exploited. While authentication and most rights were indeed checked, the check that the gem you were accessing was…
A critical vulnerability in F5’s Big-IP appliances is being actively exploited. F5 released fixes for the flaw last week. The flaw affects the Big-IP iControl REST authentication component. It can…
This campaign involves Lazarus Group targeting users with spearphishing emails, then installing a set of malicious apps called “TraderTraitor” that disguise themselves as a legitimate cryptocurrency trading application. The ultimate…
GitHub has updated its alert regarding breaches using stolen OAuth token to include a timeline of the attackers’ activity. The threat actor used the tokens to steal repositories belonging to…
