Security News > 2024 > September

Attackers got 10k people to download 'trusted' web3 brand cheat before Mountain View intervened The latest in a long line of cryptocurrency wallet-draining attacks has stolen $70,000 from people...

WordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers. [...]

A crypto draining app mimicking the legitimate 'WalletConnect' project has been distributed over Google Play for five months getting more than 10,000 downloads. [...]

Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is...

Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That's what dealing with security alerts can feel like....

Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety vulnerabilities, despite old code...

HPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points, which could let unauthenticated attackers gain remote code...

A good—long, complex—analysis of the EU’s new Cyber Resilience Act.

Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential...

As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French...