CISA orders agencies to patch Linux kernel bug exploited in attacks
SkyNet Automation CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw…
BleepingComputer
Hackers spoof Microsoft ADFS login pages to steal credentials
A help desk phishing campaign targets an organization’s Microsoft Active Directory Federation Services (ADFS) using spoofed login pages…
AMD fixes bug that lets hackers load malicious microcode patches
AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load…
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks
The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog,…
Spain arrests suspected hacker of US and Spanish military agencies
The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public…
How attackers abuse S3 Bucket Namesquatting — And How to Stop Them
AWS S3 bucket names are global with predictable names that can be exploited in “S3 bucket namesquatting” attacks…
Zyxel won’t patch newly exploited flaws in end-of-life routers
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has…
Google Play, Apple App Store apps caught stealing crypto wallets
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS…
Cyber agencies share security guidance for network edge devices
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging…
Chinese cyberspies use new SSH backdoor in network device hacks
A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process…