‘RegreSSHion’ Bug Threatens Takeover of Millions of Linux Systems

The high-severity CVE-2024-6387 in OpenSSH is a reintroduction of a 2006 flaw, and it allows unauthenticated RCE as root.

darkreading – ​Read More

Juniper Rushes Out Emergency Patch for Critical Smart Router Flaw

Although not yet exploited in the wild, the max-critical authentication bypass bug could allow adversaries to take over unpatched Juniper Session Smart Routers and Conductors, and WAN Assurance Routers, the company warns.

darkreading – ​Read More

PortSwigger Scores Hefty $112 Million Investment

The British company behind the popular Burp Suite pen-test utilities has banked a massive $112 million investment from Brighton Park Capital.

SecurityWeek – ​Read More

Cyber A.I. Group Announces Substantial Expansion of Acquisition Pipeline

Pipeline Will Support Company’s Highly Proactive Buy & Build Business Model

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

3 New State-Backed Gangs Target Govt Sectors with HEAT Attack Methods

Global cyber gangs are evolving rapidly, wielding advanced techniques and enjoying state sponsorship. Menlo Security’s latest report exposes…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risk.
The vulnerabilities allow “any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and

The Hacker News – ​Read More

Australian Man Arrested for “Evil Twin” Wi-Fi Scam Targeting Travelers

An Australian man faces charges for setting up fake Wi-Fi networks (“evil twins”) to steal data from unsuspecting…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Do you still need to pay for antivirus software in 2024?

Landlines. Checkbooks. AM radio. Let’s add third-party antivirus software to the list of things you can stop using.

Latest stories for ZDNET in Security – ​Read More

Apple CocoaPods Bugs Expose Millions of Apps to Code Injection

Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of a decade.

darkreading – ​Read More

HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts

HubSpot is “actively investigating and blocking attempts” to hack into customer accounts but some targets have already been compromised.

SecurityWeek – ​Read More