Threat actors compromised at least 16 Chrome browser extensions leading to the exposure of data from over 600,000 users. A supply chain attack compromised 16 Chrome browser extensions, exposing over 600,000 users. Threat actors targeted the publishers of the extensions…
Tag: Security Affairs
China-linked actors hacked US Treasury Department
China-linked threat actors breached the U.S. Treasury Department by hacking a remote support platform used by the agency. China-linked threat actors breached the U.S. Treasury Department via a compromised remote support platform. The Treasury Department discovered the security breach on…
An X user claimed a 7-Zip zero-day vulnerability, but 7-Zip’s creator says is a fake
An X user using the handle @NSA_Employee39 disclosed a zero-day vulnerability in the open-source file archive software 7-Zip. A verified X account, @NSA_Employee39, claimed to disclose a zero-day vulnerability in the open-source file archive software 7-Zip. The X user announced…
Cisco states that the second data leak is linked to the one from October
Cisco confirmed the authenticity of the 4GB of leaked data, the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in…
Threat actors attempt to exploit a flaw in Four-Faith routers
VulnCheck researchers warn that threat actors are attempting to exploit a high-severity vulnerability impacting some Four-Faith routers. Cybersecurity firm VulnCheck warns that a high-severity flaw, tracked as CVE-2024-12856 (CVSS score: 7.2), in Four-Faith routers is actively exploited in the wild. The vulnerability…
ZAGG disclosed a data breach that exposed its customers’ credit card data
ZAGG Inc. notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. ZAGG Inc. disclosed a data breach that exposed its customers’ credit card data after threat actors hacked a third-party application…
China-linked APT Salt Typhoon breached a ninth U.S. telecommunications firm
A White House official confirmed that China-linked threat actor Salt Typhoon breached a ninth U.S. telecommunications company. A White House official confirmed confirmed that China-linked APT group Salt Typhoon has breached a ninth U.S. telecoms company as part of a…
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 26
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript Analyzing Malicious Intent in Python Code: A Case…
Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Pro-Russia group NoName…
Pro-Russia group NoName targeted the websites of Italian airports
Pro-Russia group NoName057 targets Italian sites, including Malpensa and Linate airports, in a new DDoS campaign amid rising geopolitical tensions. The pro-Russia group NoName57 continues its campaign of DDoS attacks against Italian infrastructure. This time, the group of alleged hacktivists…