Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment card information and other sensitive data, security researchers said Monday. The infections are the result of a supply-chain attack that compromised at least three software providers with malware that remained dormant for six years and became active only in the last few weeks.
Any app that hands over user data is a concern, but leaky dating apps are especially worrying given the sensitivity of the data involved. A relatively new app called Raw that aims to rewrite the rules of dating is the latest to trip over its coattails by exposing user data to…well, anyone who asked for it. Launched in 2023, Raw is a dating app that aims to solve some of the traditional problems in online dating, including fake or egregiously touched-up photos, and ghosting.
A threat actor tracked as "Venom Spider" is targeting HR staff like recruiters with a complex phishing scheme that capitalizes on the need for such staff to open email attachments. Researchers at security vendor Arctic Wolf tracked the campaign, which targets hiring managers and recruiters with specialized spear-phishing emails. As Arctic Wolf Labs explained in a May 2 blog post, employees responsible for the hiring process can be some of the most vulnerable in these kinds of cyberattacks.
Google on Monday started rolling out a fresh security update for Android phones, with fixes for roughly 50 vulnerabilities, including a bug exploited in the wild. Resolved as part of the update's first part, which arrives on devices as the 2025-05-01 security patch level, the exploited flaw is tracked as CVE-2025-27363 (CVSS score of 8.1) and impacts the FreeType software development library.
A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. The campaign was detected last month and relied on three malicious Go modules that included "highly obfuscated code" for retrieving remote payloads and executing them. The attack appears designed specifically for Linux-based servers and developer environments, as the destructive payload runs a 'dd' command for the file-wiping activity.
Passkey usability must evolve to accomplish any substantial adoption rates. Identity-based attacks continue to grow more sophisticated as threat actors learn new multifactor authentication (MFA) bypass techniques and increasingly focus efforts to harvest credentials. The ransomware landscape has expanded as well, with more initial access brokers who provide gangs with an entrance to their targeted victims.
Every day, we place our trust in technology. Whether in the boardroom or the living room, technology has become the linchpin of security that protects our most sensitive and private information. The recent controversy surrounding the use of Signal by government officials raises a somewhat existential question: Is today's technology so sophisticated we've made it impossible to have a truly private, 100% secure conversation anywhere online?
The exploitation of a high-severity vulnerability in the Samsung MagicINFO content management system (CMS) began within days after proof-of-concept (PoC) exploit code targeting it was made public, cybersecurity firm Arctic Wolf warns. Tracked as CVE-2024-7399 (CVSS score of 8.8), the issue is described as an "improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server" that could be exploited to write arbitrary files with system privileges.
A messaging service used by former National Security Advisor Mike Waltz has temporarily shut down while the company investigates an apparent hack. The messaging app is used to access and archive Signal messages but is not made by Signal itself. 404 Media reported yesterday that a hacker stole data "from TeleMessage, an obscure Israeli company that sells modified versions of Signal and other messaging apps to the US government to archive messages."
The importance of the MITRE-run Common Vulnerabilities and Exposures (CVE) Program shouldn't be understated. For 25 years, it has acted as the point of reference for cybersecurity professionals to understand and mitigate security flaws. By providing a standardized method for naming and cataloguing known vulnerabilities, it offers defenders a shared language for understanding, prioritizing, and responding to real-world threats.