Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection
Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible…
BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support…
Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation
Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has…
Apple Releases Urgent Patch for USB Vulnerability
The vulnerability could allow a threat actor to disable the security feature on a locked device and gain access to…
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to…
Apple Bug Allows Root Protections Bypass Without Physical Access
Emergent macOS vulnerability lets adversaries circumvent Apple’s System Integrity Protection (SIP) by loading third-party kernels. Emergent macOS vulnerability lets adversaries…
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an…
Attackers Hijack Google Advertiser Accounts to Spread Malware
It’s an especially brazen form of malvertising, researchers say, striking at the heart of Google’s business; the tech giant says…