Eduard Kovacs

DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability.

Email-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals. 

Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.

Oracle has denied that Cloud systems have been breached after a hacker claimed to have stolen millions of records.

The FCC is investigating whether Chinese firms such as Huawei, ZTE and China Telecom are still operating in the US.

Industry professionals comment on Google acquiring cloud security giant Wiz for $32 billion in cash.

More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.

SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.

Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction.

Microsoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft.

A critical vulnerability affecting baseboard management controller (BMC) firmware made by AMI could expose many devices to remote attacks.

ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.

Google has confirmed reports that it’s buying cloud security giant Wiz and says it’s prepared to pay $32 billion in cash.

Cloudflare launches Cloudforce Threat Events Feed, a service designed to provide security teams with real-time threat intelligence.

Exploit and vulnerability intelligence provider VulnCheck has raised $12 million in a Series A funding round.

Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive. 

The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.

Russian-Israeli LockBit ransomware developer Rostislav Panev has been extradited from Israel to the United States.

A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year.

A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering.