
Blog Series
security

New Go-based malware targets vulnerable...
Aqua Nautilus, a cloud security firm, discovered new Go-based malware that targets Redis (Remote Dictionary Server), an open-source in-memory database and cache. The attack was carried out against one...
Arm’s Mali GPU driver flaws...
Despite fixes released by the chipmaker, a set of five medium-severity security flaws in Arm’s Mali GPU driver have remained unpatched on Android devices such as Samsung, Oppo, Xiaomi, and...
DuckDuckGo launches beta version of...
DuckDuckGo, a privacy-focused search engine, has added an App Tracking Protection tool to its Android app, allowing users to see what personal data trackers are typically attempting to collect before...
Attackers leverage malicious Python packages...
Security researchers from Checkmarx have uncovered an ongoing supply chain attack that involves spreading the malware identified as W4SP Stealer. W4SP Stealer is a Discord malware that grabs all the...
Worok, the malware that hides...
Worok malware makes the rounds by deploying multi-level malware designed to steal data and compromise high-profile victims such as government entities in the Middle East, Southeast Asia, and South Africa,...
IceXLoader malware targets home and...
IceXLoader, an updated version of a malware loader, is suspected of infecting thousands of personal and enterprise Windows machines around the world. IceXLoader is a commercially available malware that costs...
Microsoft patches Windows 0-day...
Microsoft has fixed six actively exploited Windows vulnerabilities and 68 vulnerabilities in its November 2022 Patch Tuesday. Eleven of the 68 vulnerabilities fixed are classified as “critical,” allowing privilege escalation,...
Researchers uncover 29 malicious PyPI...
Threat actors are distributing malicious Python packages to the popular Python Package Index (PyPI) service, using authentic-sounding file names and hidden imports to deceive developers and steal their data. The...
RomCom RAT operators disguise malware...
RomCom, a threat actor, is said to be conducting a series of new attack campaigns using the brand power of SolarWinds, KeePass and PDF Technologies. It uses a RomCom RAT...
Researchers uncover similar tools between...
According to security researchers from SentinelOne, the relatively new ransomware gang called Black Basta shares tooling and possibly personnel with the notorious FIN7 hacking group. The researchers were able to...
Researchers discover thousands of GitHub...
Researchers from the Leiden Institute of Advanced Computer Science have discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for vulnerabilities and malware. Various malicious programs and...