OpenSSL patched high-severity flaw CVE-2024-12797

OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks. The OpenSSL Project addressed a high-severity vulnerability, tracked as CVE-2024-12797, in its secure communications... Read more »

Progress Software fixed multiple high-severity LoadMaster flaws

Progress Software fixed multiple vulnerabilities in its LoadMaster software, which could be exploited to execute arbitrary system commands. Progress Software has addressed multiple high-severity security vulnerabilities (CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, CVE-2024-56135)... Read more »

Artificial intelligence (AI) as an Enabler for Enhanced Data Security

Artificial intelligence enhances data security by identifying risks and protecting sensitive cloud data, helping organizations stay ahead of evolving threats. Artificial intelligence (AI) is transforming industries and redefining how... Read more »

Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores. Sucuri researchers found threat actors using Google Tag Manager (GTM) to deploy... Read more »

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware... Read more »

Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’

Apple released iOS and iPadOS updates to address a zero-day likely exploited in extremely sophisticated attacks targeting specific individuals. Apple released emergency security updates to address a zero-day vulnerability,... Read more »

HPE is notifying individuals affected by a December 2023 attack

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors. Hewlett Packard Enterprise has started notifying individuals whose personal... Read more »

XE Group shifts from credit card skimming to exploiting zero-days

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent investigation by researchers from Intezer and Solis Security shed... Read more »

UK Gov demands backdoor to access Apple iCloud backups worldwide

UK secretly demands Apple create an iCloud backdoor via a Technical Capability Notice, raising privacy concerns over end-to-end encryption. The UK demands Apple to create a backdoor to access... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 32

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malicious packages deepseeek and deepseekai published in Python Package Index  ... Read more »
Subscribe to our Newsletter