The recently discovered Windows ransomware IceFire now also targets Linux enterprise networks in multiple sectors. SentinelLabs researchers discovered new Linux versions of the recently discovered IceFire ransomware that was... Read more »
A threat actor tracked as 8220 Gang has been spotted using a new crypter called ScrubCrypt in cryptojacking campaigns. Fortinet researchers observed the mining group 8220 Gang using a... Read more »
CloudBees vulnerabilities in the Jenkins open-source automation server can be exploited to achieve code execution on targeted systems. Researchers from cloud security firm Aqua discovered a chain of two... Read more »
Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution. Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked... Read more »
Veeam addressed a high-severity vulnerability in the Backup Service that impacts Backup & Replication software. Veeam addressed a high-severity vulnerability in the Backup Service, tracked as CVE-2023-27532 (CVSS v3... Read more »
North Korea-linked Lazarus APT group exploits a zero-day vulnerability in attacks aimed at a South Korean financial entity. ASEC (AhnLab Security Emergency Response Center) observed North Korea-linked Lazarus APT group exploiting a zero-day... Read more »
US CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited... Read more »
China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked... Read more »
Security researchers warn of hacking attempts in the wild exploiting critical vulnerabilities in VMware NSX Manager. Cyber security firm Wallarm is warning of ongoing attacks exploiting the critical flaws,... Read more »
Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. Cybersecurity researchers from Morphisec discovered a new, advanced information stealer, dubbed SYS01 stealer, that since November... Read more »
