Critical ConnectWise RMM Bug Poised for Exploitation Avalanche
Two days after disclosure, most instances of the remote desktop tool remain unpatched, while cyberattackers have started in-the-wild exploitation —…
February 2024
El Al Flight Crew Suffers Midflight Communication Disruption
Though the incident took place over a known Houthi area, some say this incident was at the hands of a…
DoT, White House Tackle the Chinese Threat to US Port Security
New investments and Coast Guard authority aim to curb the alleged threat that Chinese vendors pose to American maritime security.
Critical Vulnerability in VMware vSphere Plug-in Allows Session Hijacking
Admins are urged to remove vSphere's vulnerable Enhanced Authentication Plug-in, which was discontinued nearly three years ago but is still…
How CISOs Balance Business Growth, Security in Cyber-Threat Landscape
Collaboration, care, and proactive planning need to be part of CISO toolboxes as worsening threat environments become the new normal.…
Iranian APTs Dress Up as Hacktivists for Disruption, Influence Ops
Iran has taken a page from the Russian playbook: Passing off military groups as civilians for the sake of PR…
Library Cyber Defenses Are Falling Down
Librarians are being asked to defend themselves online against sophisticated and complex attacks. It's an unequal fight.
AI-Generated Patches Could Ease Developer, Operations Workload
Using information from a common technique for finding vulnerabilities, Google's Gemini LLM can produce patches for 15% of such bugs.…
New Wave of ‘Anatsa’ Banking Trojans Targets Android Users in Europe
Users have already downloaded droppers for the malware from Google's official Play store more than 100,000 times since last November.
Joomla XSS Bugs Open Millions of Websites to RCE
Improper content filtering in a core function allows multiple paths to exploitation for CVE-2024-21726.