Malware and Vulnerabilities

Dutch cybersecurity researchers have discovered a backdoor account in 100,000 networking devices manufactured by Zyxel, which may grant hackers accessibility to all those vulnerable devices and put data at risk.The password and username (zyfwp/PrOw! AN_fXp) was observable in one...

Threat Intelligence researchers from cybersecurity firm Avast have identified malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions that may have affected 30 lakh users worldwide.Three million Google Chrome and Microsoft Edge users could be...

Adobe's final key patch around 2020 has coped with random code and JavaScript implementation bugs.Adobe's past scheduled security update of this year has solved critical vulnerabilities from Lightroom, Prelude, and Expertise Supervisor.The initial fix was issued for Adobe Lightroom,...

Security researchers have identified 33 security defects in four accessible TCP/IP piles used across a broad selection of intelligent products.Security researchers have revealed now 33 security defects in four accessible TCP/IP libraries now used within the firmware of merchandise...

Do not assume there is not somebody out there who is willing and ready to discover the ideal bug to hack on your smartphone, warns Google Project Zero researcher.A Google Project Zero (GPZ) insect hunter that specializes in iPhone...

A vulnerability in MobileIron mobile device management applications is used by state-backed hackers and organized crime warns the safety bureau.State-backed hackers and criminal gangs are now actively utilizing a vulnerability in mobile device management (MDM) applications to successfully get...

New WAPDropper malware signals users up to premium services supplied from telecoms from Thailand and Malaysia.Security researchers have discovered a new breed of Android malware has been now dispersed in the wild, mostly targeting users situated in Southeast Asia.Launched...

TikTok has patched a reflected XSS security defect along with a bug leading into account takeover affecting the company's domain.As reported via the Bug bounty platform system HackerOne by writer Muhammed"Milly" Taskiran, the initial exposure relates to a URL...

Chinese state-sponsored attackers are working a significant worldwide campaign against several verticals harnessing the Zerologon vulnerability, based on a new study from Symantec.APT10 is well known to investigators, having been unmasked as the thing behind the notorious Cloud Hopper...

Magecart Version has Shifted and You Ought to be Attentive, warns RiskIQA new offshoot of this Grelos card-skimming malware - a more standard Magecart version - is doing the rounds, based on infosec biz RiskIQ.A special cookie linked to...