Vulnerability in OAuth, XSS for millions of websites
A critical vulnerability within the OAuth authentication standard poses a substantial risk to millions of websites and their users, potentially…
RansomHub ransomware: a new threat in the cybercrime landscape
Cybersecurity researchers at Lab52 have highlighted the rise of the RansomHub ransomware gang, which employs a mix of old and…
Ongoing exploitation of VMware ESXi vulnerability CVE-2024-37085
A vulnerability in VMware’s ESXi virtualization platform, identified as CVE-2024-37085, continues to leave thousands of servers susceptible to ransomware attacks.…
Leveraging AI/ML to improve MDR efficiency and reduce false positives
Key Findings from the 2023 MDR Analysis Report: AI/ML in Incident Detection: Challenges and Solutions: Balancing Detection and False Positives:…
EchoSpoofing campaign exploits Proofpoint vulnerability
An unknown attacker exploited a vulnerability in Proofpoint’s email routing settings to send mass fraudulent messages impersonating well-known companies such…
Russian information operations target French snap elections: operation “Doppelgänger”
From early June to late July 2024, Russian actors conducted a series of sophisticated information operations under the code name…
Ransomware threats loom over Paris 2024 olympics
A recent study by ExtraHop has highlighted the near inevitability of ransomware attacks targeting the Paris 2024 Olympics. The event’s…
Apache superset security update: addressing CVE-2024-34693
The Apache Software Foundation has released critical security updates to mitigate an arbitrary file read vulnerability (CVE-2024-34693) in Apache Superset.…
Kaspersky unveils the return of Mandrake Android spyware on Google Play Store
Kaspersky researchers have uncovered the resurgence of the Mandrake Android spyware, which has been active on the Google Play Store…