Collaborate Disseminate
Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace. Continue reading WordPress Plugin Bug Opens 100K Websites to Compromise
The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia — and could be the work of the OceanLotus APT. Continue reading Sophisticated Android Spyware Attack Spreads via Google Play
A pre-auth SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan. Continue reading Hackers Mount Zero-Day Attacks on Sophos Firewalls
The free online conference, scheduled for April 28-30, will feature top security researchers from across the industry. Continue reading SAS@home Virtual Summit Showcases New Threat Intel, Industry Changes
Sindhi-language characters can crash iPhones and other iOS/macOS devices if a victim views texts, Twitter posts or messages within various apps containing them. Continue reading Latest Apple Text-Bomb Crashes iPhones via Message Notifications
Iran’s Charming Kitten and other nation-state actors are using the coronavirus pandemic to their advantage, for espionage. Continue reading A Dozen Nation-Backed APTs Tap COVID-19 to Cover Spy Attacks
The rapidly evolving Hoaxcalls botnet is exploiting an unpatched vulnerability in the ZyXEL Cloud CNM SecuManager in a bid to widen its spread. Continue reading Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug
Users should update their firmware for three popular smart-home hubs. Continue reading Connected Home Hubs Open Houses to Full Remote Takeover
Researchers weigh in on potential security concerns surrounding the 2020 NFL Draft. Continue reading NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day
Three separate flaws can be chained to achieve full system compromise. Continue reading RCE Exploit Released for IBM Data Risk Manager, No Patch Available