Windows Apps Vulnerable to Command Injection via “BatBadBut” Flaw

/in

By Deeba Ahmed

Critical ‘BatBadBut’ Flaw in Windows Lets Hackers Inject Commands (Patch Now!)

This is a post from HackRead.com Read the original post: Windows Apps Vulnerable to Command Injection via “BatBadBut” Flaw

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Space Force Is Planning a Military Exercise in Orbit

/in

Two satellites will engage in a “realistic threat response scenario” when Victus Haze gets underway.

Security Latest – ​Read More

Roku Breach Hits 567,000 Users

/in

Plus: Apple warns iPhone users about spyware attacks, CISA issues an emergency directive about a Microsoft breach, and a ransomware hacker tangles with an unimpressed HR manager named Beth.

Security Latest – ​Read More

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

/in

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo
Alto Networks PAN-OS software dating back to March 26, 2024, nearly three
weeks before it came to light yesterday.

The network security company’s Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of

The Hacker News – ​Read More

CISA Orders Agencies Impacted by Microsoft Hack to Mitigate Risks

/in

CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.

Cyware News – Latest Cyber News – ​Read More

North Korean Hackers Exploit Two MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse

/in

The first, not entirely new, sub-technique involves manipulation of Transparency, Consent, and Control (TCC), a security protocol that regulates application permissions on Apple’s macOS.

Cyware News – Latest Cyber News – ​Read More

Telegram Fixes Windows App Zero-Day Used to Launch Python Scripts

/in

A proof of concept exploit was shared on the XSS hacking forum explaining that a typo in the source code for Telegram for Windows could be exploited to send Python .pyzw files that bypass security warnings when clicked.

Cyware News – Latest Cyber News – ​Read More

FBI Warns of Massive Wave of Road Toll SMS Phishing Attacks

/in

While the mobile phishing campaign has yet to reach some U.S. regions, this can be explained by the fact that complaint information collected so far by IC3 indicates the scam may be moving from state to state.

Cyware News – Latest Cyber News – ​Read More

iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks

/in

By Deeba Ahmed

Apple has issued iPhone security alerts to 92 countries, stating that their devices have been targeted by a mercenary spyware attack, expressing high confidence in the warning.

This is a post from HackRead.com Read the original post: iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

CISA’s Malware Analysis Platform Could Foster Better Threat Intel

/in

But just how the government differentiates its platform from similar private-sector options remains to be seen.

darkreading – ​Read More