Security News

Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the...

Threat actors have been observed targeting Internet Information Services (IIS) servers in Asia as part of a search engine optimization (SEO) manipulation campaign designed to install BadIIS...

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and...

Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active...

Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...]

Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to...

The U.S. Justice Department has charged a Canadian man with stealing roughly $65 million after exploiting two decentralized finance (DeFI) protocols. [...]

Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain...

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances. "When an...