Security News

Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results. The distribution method was unknown at the time but separate reports in December from cybersecurity companies Trend Micro and Guardio revealed that hackers were abusing the Google Ads platform to push malicious downloads in search results.

The Gootkit loader malware operators are running a new SEO poisoning campaign that abuses VLC Media Player to infect Australian healthcare entities with Cobalt Strike beacons. The campaign goal is to deploy the Cobalt Strike post-exploitation toolkit on infected devices for initial access to corporate networks.

Security researchers have uncovered a long-running malicious campaign from hackers associated with the Chinese government who are using VLC Media Player to launch a custom malware loader. Researchers at Symantec, a division of Broadcom, found that after gaining access to the target machine the attacker deployed a custom loader on compromised systems with the help of the popular VLC media player.

VideoLan has released VLC Media Player 3.0.14 to fix an issue affecting Window users and causing the software's auto-updater not to launch the new version's installer automatically. "VLC users on Windows might encounter issues when trying to auto update VLC from version 3.0.12 and 3.0.13," VideoLan explained.

VideoLan released VLC Media Player 3.0.12 for Windows, Mac, and Linux last week with numerous improvements, features, and security fixes. This release is a significant upgrade for Mac users as it provides native support for Apple Silicon and fixes audio distortion in macOS. In addition to bug fixes and improvements, this release also fixes numerous security vulnerabilities reported by Zhen Zhou of the NSFOCUS Security Team.

Keep your media player, like other apps, up to date: 13 security flaws fixed VideoLAN has issued an update to address a baker's dozen of CVE-listed security vulnerabilities in its widely used VLC...

VideoLAN this week released a software update to its highly popular VLC media player to address a dozen vulnerabilities, the most important of which could lead to arbitrary code execution. read more

VLC, the popular cross-platform media player, has reached version 3.0.8, which fixes over a dozen security vulnerabilities, some of which could be exploited by attackers to achieve code execution...

VideoLAN has released an updated version of its VLC Player to fix over a dozen bugs.

'Fake news!' dev team cries VLC is said to be once again vulnerable to remote-code execution – meaning a malicious video opened by the software could potentially crash the media player, or joyride...