GitLab has issued a security update to address a Critical vulnerability CVE-2022-1162 where static passwords were inadvertently set during OmniAuth-based registration.
Security experts from UK’s National Cyber Security Centre (NCSC) warned of a new malware strain FlyBot, an Andoid password-stealing malware.
PHP maintainer Nikita Popov has published new details regarding the likely cause of a recent PHP source code compromise and insert of malicious code.
Cybersecurity experts are warning hackers are targeting nearly 50,000 vulnerable unpatched Fortinet VPNs to steal passwords.
The Mozilla Foundation has released Firefox 78 that includes security fixes for multiple vulnerabilities, as well as a new ‘Protections Dashboard’ feature.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning of likely targeting and compromise of U.S. COVID-19 research organizations by the People’s Republic of China (PRC).
Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.
Remote conferencing service company, Zoom, has patched a vulnerability that could allow a bad actor to eavesdrop on your company’s online meetings.
A new Windows trojan dubbed CStealer attempts to steal passwords from Chrome browser. The malware also uses a remote MongoDB server to store the stolen passwords.
Thousands of Disney+ account owners have reported their accounts have been hacked hours after the Disney+ video streaming service was launched.
