Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee…
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. “Once deployed, the…
Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection
Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible…
BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support…
Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation
Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has…
Apple Releases Urgent Patch for USB Vulnerability
The vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to…
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to…
Apple Bug Allows Root Protections Bypass Without Physical Access
Emergent macOS vulnerability lets adversaries circumvent Apple’s System Integrity Protection (SIP) by loading third-party kernels. Emergent macOS vulnerability lets adversaries…