Collaborate Disseminate
The new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal.
The post Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server appeared first on SecurityWeek.
Continue reading Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee set for May 1, 2024.
The post UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike appeared f… Continue reading UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
JFrog raises an alarm after finding three large-scale malware campaigns targeting Docker Hub with imageless repositories.
The post Docker Hub Users Targeted With Imageless, Malicious Repositories appeared first on SecurityWeek.
Continue reading Docker Hub Users Targeted With Imageless, Malicious Repositories
Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.
The post Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover appeared first on SecurityWeek.
Continue reading Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover
Mainsail Partners leads a $15 million financing round for end-to-end cybersecurity compliance platform company Apptega.
The post Apptega Raises $15 Million for Cybersecurity Compliance Platform appeared first on SecurityWeek.
Continue reading Apptega Raises $15 Million for Cybersecurity Compliance Platform
While China-linked Muddling Meerkat’s operations look like DNS DDoS attacks, it seems unlikely that denial of service is their goal, at least in the near term.
The post Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report appeared … Continue reading Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report
A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain attack.
The post Vulnerability in R Programming Language Could Fuel Supply Chain Attacks appeared … Continue reading Vulnerability in R Programming Language Could Fuel Supply Chain Attacks
In 2023, Google said it blocked 2.28 million bad applications from being published on Google Play and banned 333,000 developer accounts.
The post Google Says it Blocked 2.28 Million Apps from Google Play Store appeared first on SecurityWeek.
Continue reading Google Says it Blocked 2.28 Million Apps from Google Play Store
US healthcare giant is warning millions of current and former patients that their personal information was exposed to third-party advertisers.
The post Kaiser Permanente Data Breach Impacts 13.4 Million Patients appeared first on SecurityWeek.
Continue reading Kaiser Permanente Data Breach Impacts 13.4 Million Patients
Okta warned of a spike in credential stuffing attacks using anonymizing services such as Tor, DataImpulse, Luminati, and NSocks.
The post Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies appeared first on SecurityWeek.
Continue reading Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies