GST Invoice Billing Inventory exposes sensitive data to threat actors
GST Invoice Billing Inventory, a business accounting app for small and medium businesses with over 1M downloads has left a…
Security
Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw
The U.S. CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies.…
AI and Mass Spying
Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective…
ENISA published ENISA Threat Landscape for DoS Attacks
ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service…
Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts
Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Microsoft’s…
The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.
Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective…
Google fixed critical zero-click RCE in Android
Google fixed a critical zero-click RCE vulnerability (CVE-2023-40088) with the release of the December 2023 Android security updates. Google December…
Bolstering API Security: Introducing Wallarm’s API Attack Surface Management (AASM)
In the fast-paced digital world, think of Application Programming Interfaces (APIs) as the threads that stitch together the fabric of…
New P2PInfect bot targets routers and IoT devices
Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security…
Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware
Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks…