Uncategorized

Maxar Space Systems has verified a major data breach that exposed particular information of current and former workers. The breach in mid-October 2024 raised major cybersecurity concern after a hacker used a Hong Kong IP address to attack the company’s systems immorally. Maxar said, they discovered the breach on ‘October …

A security vulnerability (CVE-2024-52308) in the GitHub Command Line Interface (CLI) could allow remote code execution on users’ devices. With a CVSS score of 8.1, this highlights the need for developers to stay vigilant with software updates and security measures. The vulnerability arises from how the gh CLI handles SSH …

Fortinet has issued security updates for several products, including FortiOS, to fix vulnerabilities that could allow cyber attackers to take control of affected systems. CISA encourages users and administrators to review the following advisories and apply necessary updates. FG-IR-23-396 ReadOnly Users Could Run Some Sensitive Operations: A client-side enforcement of …

The Socket Research Team has discovered a malicious package named “fabrice,” pretending to be the legitimate fabric SSH automation library. Since its introduction on PyPI in 2021, fabrice has been stealing AWS credentials from users who mistakenly installed it. With over 37,000 downloads, this incident underscores ongoing risks of malware …

GitHub has launched an AI tool called ‘Spark’ that allows users to create apps using natural language, eliminating the need for coding. This tool was introduced at the GitHub Universe Conference in San Francisco. This tool, created by GitHub Next Labs, can quickly generate a web app from English prompts. …

Zimperium researchers have found a new version of FakeCall malware for Android that threatens financial security. This malware redirects users’ calls to their banks to the attacker’s phone number, aiming to steal sensitive information and funds. FakeCall is a banking trojan used for voice phishing, misleading victims into giving sensitive …

Global threat actors have significantly increased attacks on government sectors, with malware-driven attempts rising by triple digits in the first quarter of the year, according to SonicWall. The security vendor’s analysis shows a 236% increase in blocked attacks in Q1 2024 compared to last year, along with a 27% rise …

Bangladesh Bank issues alert on cyber threat. In its alert the central bank said, according to Bangladesh cyber security intelligence (BCSI)’s observation, some banks customers are victim to unauthorized transaction through Facebook ad manager. In this situation, Bangladesh Bank notifies the banks to take precautionary action to secure the account …

The Indian Cyber Crime Coordination Centre (I4C) has warned about illegal payment gateways set up by transnational cyber criminals using mule bank accounts for money laundering. The Ministry of Home Affairs (MHA) reported that recent nationwide raids by the Gujarat and Andhra Pradesh Police uncovered illegal digital payment gateways created …

White hat hackers at the Pwn2Own Ireland 2024 contest by Trend Micro’s Zero Day Initiative earned $500,000 on the first day by exploiting NAS devices, cameras, printers, and smart speakers. Sina Kheirkhah from Summoning Team earned the top reward of $100,000 by exploiting nine vulnerabilities in an attack from a …