Critical security flaw found in Fortra FileCatalyst Workflow. CVE-2024-5276 scores 9.8 on CVSS. Patch now to protect your data from SQL injection attacks.
Details here: https://thehackernews.com/2024/06/critical-sqli-vulnerability-found-in.html
A 22-year-old Russian national has been indicted in the U.S. for cyberattacks against Ukraine and its allies just before Russia's invasion in 2022.
US offers $10M reward. Read more: https://thehackernews.com/2024/06/russian-national-indicted-for-cyber.html
Attention developers: A new high-severity prompt injection flaw (CVE-2024-5565) in the Vanna AI library exposes databases to remote code execution.
Find out how this flaw could impact your projects: https://thehackernews.com/2024/06/prompt-injection-flaw-in-vanna-ai.html
Discover the power of Python in blockchain development with AlgoKit!
Explore how you can build decentralized applications securely and efficiently.
Learn about setup, benefits, and getting started with dApps: https://thehackernews.com/2024/06/how-to-use-python-to-build-secure.html
Ensuring data security remains crucial, which is why GigaOm recently released a new DSPM report highlighting industry leaders.
Sentra has emerged as a leader and rapid innovator, receiving high scores for its data mapping, access intelligence, and on-premises capabilities.
View the full report here:
https://thn.news/data-security-posture
Alert: The Rust-based P2PInfect worm botnet has evolved to target misconfigured Redis servers with ransomware and cryptocurrency miners, showcasing new financial motivations and advanced evasion techniques.
Learn more: https://thehackernews.com/2024/06/rust-based-p2pinfect-botnet-evolves.html
Alert: TeamViewer detected an irregularity in its internal corporate IT environment. Investigations are ongoing to identify the attackers and the method of intrusion.
Learn more: https://thehackernews.com/2024/06/teamviewer-detects-security-breach-in.html
Multiple critical vulnerabilities have been identified in Emerson Rosemount gas chromatographs that could be exploited to execute arbitrary commands, bypass authentication, and cause DoS conditions.
Read: https://thehackernews.com/2024/06/researchers-warn-of-flaws-in-widely.html
Researchers unveil SnailLoad, a new side-channel attack exploiting network latency to spy on users' web activity remotely, achieving up to 98% for video content and 63% for website visits.
Read: https://thehackernews.com/2024/06/new-snailload-attack-exploits-network.html
From PowerShell scripts to mimicking legitimate apps, discover how the 8220 Gang exploits Oracle WebLogic Server vulnerabilities using fileless techniques for cryptocurrency mining.
Read: https://thehackernews.com/2024/06/8220-gang-exploits-oracle-weblogic.html
Don't let your #SaaS become a trojan horse!
Threat actors exploit misconfigured settings, dormant machine IDs, and unauthorized access to breach networks. Extend Zero Trust to SaaS with posture management to lock it down.
Learn more: https://thehackernews.com/2024/06/combatting-evolving-saas-kill-chain-how.html
GitLab releases security updates fixing 14 vulnerabilities, including critical CI/CD flaw CVE-2024-5655. Update now to ensure protection.
Read: https://thehackernews.com/2024/06/gitlab-releases-patch-for-critical-cicd.html
Just when you thought your biggest online worry was autocorrect... Think again!
North Korean Kimsuky group is using a new malicious Chrome extension, TRANSLATEXT, to steal sensitive info from South Korean academia.
Details here: https://thehackernews.com/2024/06/kimsuky-using-translatext-chrome.html
Attention website operators! Starting Nov 1, 2024, Google Chrome will block sites using Entrust certificates due to security issues.
Read: https://thehackernews.com/2024/06/google-to-block-entrust-certificates-in.html
Don't get caught off guard: switch to a trusted CA before it's too late.
Critical Alert for Network Admins!
Juniper Networks just dropped an urgent security patch.
- CVE-2024-2973: Authentication bypass flaw
- CVSS score: 10.0
- Affects Session Smart Router & Conductor in HA configs
Read: https://thehackernews.com/2024/07/juniper-networks-releases-critical.html
A critical OpenSSH flaw (CVE-2024-6387) allows unauthenticated remote code execution on glibc-based Linux systems. 14 million servers at risk.
https://thehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html
Apply the latest patches now!
ALERT: Software from Conceptworld trojanized to spread info-stealing malware!
If you downloaded Notezilla, RecentX, or Copywhiz in June, check your systems NOW!
Details here: https://thehackernews.com/2024/07/indian-software-firms-products-hacked.html
Explore end-to-end secrets security strategies to protect machine identities, prevent breaches, and empower developers with secure credential management practices.
Read: https://thehackernews.com/2024/07/end-to-end-secrets-security-making-plan.html
Transparent Tribe launches a new Android malware campaign, targeting mobile users with CapraRAT spyware disguised as popular apps.
Read: https://thehackernews.com/2024/07/caprarat-spyware-disguised-as-popular.html
iOS & macOS devs, heads up!
Discover how 3 new vulnerabilities in CocoaPods, a popular Apple developer tool, could lead to supply chain attacks on iOS & macOS apps.
Details here: https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html
Ensure your dependencies are up-to-date.