Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator

/in

Adobe patches critical-severity bugs in multiple products, including the Adobe Commerce and Magento Open Source platforms.

The post Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator appeared first on SecurityWeek.

SecurityWeek – ​Read More

‘GoIssue’ Cybercrime Tool Targets GitHub Developers En Masse

/in

Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.

darkreading – ​Read More

Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance

/in

In a co-authored advisory, the agencies list the top 15 most routinely exploited vulnerabilities of 2023, with CVE-2023-3519 — an issue affecting Citrix’s networking product NetScalers — being the most widely used.

The Record from Recorded Future News – ​Read More

Citrix ‘Recording Manager’ Zero-Day Bug Allows Unauthenticated RCE

/in

The unpatched security vulnerability, which doesn’t have a CVE yet, is due to an exposed Microsoft Message Queuing (MSMQ) instance and the use of the insecure BinaryFormatter.

darkreading – ​Read More

Bitdefender vs. Malwarebytes: Which antivirus is best?

/in

Bitwarden offers feature-rich antivirus at a competitive price, while Malwarebytes focuses on protection against malware. Here’s how to decide between the two.

Latest stories for ZDNET in Security – ​Read More

The Power of the Purse: How to Ensure Security by Design

/in

CISA should make its recommended goals mandatory and perform audits to ensure compliance.

darkreading – ​Read More

GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains

/in

GoIssue is a new tool for cybercriminals that allows attackers to extract email addresses from GitHub profiles and send bulk emails to users.

The post GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains appeared first on SecurityWeek.

SecurityWeek – ​Read More

Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford

/in

Cybersecurity incident impacts Giant Food, Hannaford, and other Ahold Delhaize USA brands, including pharmacies and e-commerce services.

The post Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford appeared first on SecurityWeek.

SecurityWeek – ​Read More

New GitLoker-Linked GoIssue Tool Targets GitHub Users for Phishing

/in

SlashNext researchers have discovered a new, sophisticated phishing tool GoIssue targeting GitHub developers. Learn about its capabilities, the…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Form I-9 Compliance Data Breach Impacts Over 190,000 People

/in

The impact of a data breach suffered by Form I-9 Compliance is growing, with the number of affected individuals reaching 190,000.

The post Form I-9 Compliance Data Breach Impacts Over 190,000 People appeared first on SecurityWeek.

SecurityWeek – ​Read More