230M stolen passwords met complexity requirements—and were still compromised. Passwords aren’t going away for now, but there are new technologies that may increasingly replace them. Learn more from Specops Software about how to protect your passwords. […]
Category Archives: Security
Auto Added by WPeMatico
A threat actor named ‘RedCurl,’ known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed to target Hyper-V virtual machines. […]
Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor. […]
Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser’s sandbox and deploy malware in espionage attacks targeting Russian organizations. […]
CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. […]
Cloudflare has announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing 100% write and 35% read failures globally. […]
Broadcom released security updates today to fix a high-severity authentication bypass vulnerability in VMware Tools for Windows. […]
Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows Explorer. […]
A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. […]
A new phishing campaign targets Counter-Strike 2 players utilizing Browser-in-the-Browser (BitB) attacks that display a realistic window that mimics Steam’s login page. […]