Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022, Sansec researchers warned of a surge in hacking attempts... Read more »
A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also... Read more »
Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According to a joint advisory published by the FBI and... Read more »
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered several vulnerabilities in F5 BIG-IP and BIG-IQ devices running... Read more »
North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe and Latin America. North Korea-linked APT Lazarus is using... Read more »
Fortinet researchers discovered new samples of RapperBot used to build a botnet to launch Distributed DDoS attacks against game servers. Fortinet FortiGuard Labs researchers have discovered new samples of... Read more »
Google announced it will roll out the Privacy Sandbox system for Android in beta to a limited number of Android 13 devices in early 2023. Google announced it will... Read more »
Happy BirthDay Security Affairs! Eleven years together! I launched Security Affairs for passion in November 2011 and since then the blog was visited by tens of millions of readers.... Read more »
Researchers discovered a critical vulnerability impacting Spotify’s Backstage Software Catalog and Developer Platform. Researchers from the security firm Oxeye discovered a critical Remote Code Execution in Spotify’s Backstage (CVSS... Read more »
Researchers disclosed technical details of critical SQLi and access vulnerabilities in the Zendesk Explore Service. Cybersecurity researchers at Varonis disclosed technical details of critical SQLi and access vulnerabilities impacting... Read more »
