Octo2 Malware Uses Fake NordVPN, Chrome Apps to Infect Android Devices

/in

Octo2 malware is targeting Android devices by disguising itself as popular apps like NordVPN and Google Chrome. This…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Relyance AI Raises $32 Million for Data Governance Platform

/in

Relyance AI has raised $32 million in Series B funding to develop its data governance platform and scale operations.

The post Relyance AI Raises $32 Million for Data Governance Platform appeared first on SecurityWeek.

SecurityWeek – ​Read More

GitLab Patches Pipeline Execution, SSRF, XSS Vulnerabilities

/in

The latest GitLab update resolves eight vulnerabilities, including critical- and high-severity pipeline execution flaws.

The post GitLab Patches Pipeline Execution, SSRF, XSS Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

Recent Veeam Vulnerability Exploited in Ransomware Attacks

/in

Sophos warns of ransomware operators exploiting a critical code execution vulnerability in Veeam Backup & Replication.

The post Recent Veeam Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Fidelity Investments Data Breach Impacts 77,000 Customers

/in

Fidelity Investments is informing 77,000 individuals that their personal information was compromised in a data breach.

The post Fidelity Investments Data Breach Impacts 77,000 Customers appeared first on SecurityWeek.

SecurityWeek – ​Read More

OpenAI Says Iranian Hackers Used ChatGPT to Plan ICS Attacks

/in

OpenAI has disrupted 20 cyber and influence operations this year, including the activities of Iranian and Chinese state-sponsored hackers.

The post OpenAI Says Iranian Hackers Used ChatGPT to Plan ICS Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

/in

GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches.
Tracked as CVE-2024-9164, the vulnerability carries a CVSS score of 9.6 out of 10.

“An issue was discovered in GitLab EE

The Hacker News – ​Read More

Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation

/in

The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web market for illegal goods, drugs, and cybercrime services.
The takedown is the result of a collaborative investigation with Ireland, the United Kingdom, and the United States that began towards the end of 2022, the Politie said.
The marketplace

The Hacker News – ​Read More

American Water Bringing Systems Back Online After Cyberattack

/in

American Water is reconnecting and reactivating the systems that were taken offline earlier this week due to a cybersecurity incident.

The post American Water Bringing Systems Back Online After Cyberattack appeared first on SecurityWeek.

SecurityWeek – ​Read More

Critical Mozilla Firefox Zero-Day Allows Code Execution

/in

The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.

darkreading – ​Read More