hacking news – Page 8 – Search.AI.Wiki

Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

Russia-linked threat actor Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software.

Russian APT group Winter Vivern (aka TA473) has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023.

ESET researchers …

Pwn2Own Toronto 2023 Day 1 – organizers awarded $438,750 in prizes

The Pwn2Own Toronto 2023 hacking contest has begun and during the first day, participants received $438,750 in prizes!

During the Day 1 of the Pwn2Own Toronto 2023 hacking contest, the organization has awarded a total of $438,750 in prizes!

Team …

Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately

Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances.

Citrix is urging administrators to secure all NetScaler ADC and Gateway appliances against the CVE-2023-4966 vulnerability, which is actively exploited in attacks.

On October 10, …

New England Biolabs leak sensitive data

On September 18th, the Cybernews research team discovered two publicly hosted environment files (.env) attributed to New England Biolabs.

Leaving environment files open to the public is one of the simplest mistakes that web admins can make, but it can …

Former NSA employee pleads guilty to attempted selling classified documents to Russia

A former NSA employee has pleaded guilty to charges of attempting to transmit classified defense information to Russia.

Jareh Sebastian Dalke (31), a former NSA employee has admitted to attempting to convey classified defense information to Russia, pleading guilty to …

Experts released PoC exploit code for VMware Aria Operations for Logs flaw. Patch it now!

VMware is aware of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass flaw in VMware Aria Operations for Logs.

VMware warned customers of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass vulnerability, …

How did the Okta Support breach impact 1Password?

1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system.

The password management and security application 1Password announced it had detected suspicious activity on its Okta instance on September 29, but excluded that …

How did the Okta Support breach impact 1Password?

1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system.

The password management and security application 1Password announced it had detected suspicious activity on its Okta instance on September 29, but excluded that …

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Hundreds of millions of PII records belonging to Indian residents, including Aadhaar cards, are being offered for sale on the Dark Web.

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

In early …

Spain police dismantled a cybercriminal group who stole the data of 4 million individuals

The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over four million individuals.

The Spanish police have arrested 34 members of a cybercriminal group that is suspected to have stolen …

CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The vulnerability …

CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The vulnerability …

Cisco warns of a second IOS XE zero-day used to infect devices worldwide

Cisco found a second IOS XE zero-day vulnerability, tracked as CVE-2023-20273, which is actively exploited in attacks in the wild.

Cisco last week warned customers of a zero-day vulnerability, tracked as CVE-2023-20198 (CVSS score 10), in its IOS XE Software …

City of Philadelphia suffers a data breach

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts.

The City of Philadelphia announced it is investigating a data breach after attackers that …

SolarWinds fixed three critical RCE flaws in its Access Rights Manager product

Researchers discovered three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product.

Security researchers discovered three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product.

SolarWinds Access Rights Manager (ARM) is a software …

Don’t use AI-based apps, Philippine defense ordered its personnel

The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits.

The Philippine defense warned of the risks of using AI-based applications to generate personal portraits and ordered its personnel to stop using them.

On October …

Don’t use AI-based apps, Philippine defense ordered its personnel

The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits.

The Philippine defense warned of the risks of using AI-based applications to generate personal portraits and ordered its personnel to stop using them.

On October …

Vietnamese threat actors linked to DarkGate malware campaign

Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., the U.S., and India.

WithSecure researchers linked the recent attacks using the DarkGate malware to a Vietnamese cybercrime group previously known for the …

Russia-linked threat actor Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software.

The Pwn2Own Toronto 2023 hacking contest has begun and during the first day, participants received $438,750 in prizes!

Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances.

On September 18th, the Cybernews research team discovered two publicly hosted environment files (.env) attributed to New England Biolabs.

A former NSA employee has pleaded guilty to charges of attempting to transmit classified defense information to Russia.

VMware is aware of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass flaw in VMware Aria Operations for Logs.

1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system.

1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system.

Hundreds of millions of PII records belonging to Indian residents, including Aadhaar cards, are being offered for sale on the Dark Web.

The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over four million individuals.

US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

Cisco found a second IOS XE zero-day vulnerability, tracked as CVE-2023-20273, which is actively exploited in attacks in the wild.

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts.

Researchers discovered three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product.

The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits.

The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits.

Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., the U.S., and India.

MI5 chief warns Chinese cyber espionage reached an epic scale, more than 20,000 people in the UK have now been targeted.

The International Criminal Court revealed the recent attack was carried out by a threat actor for espionage purposes.