CSOonline10h
Malware targets Mac users by using Apple’s security tool
Banshee macOS Stealer gained attention in mid-2024, promoted as a “stealer-as-a-service” on forums like XSS, Exploit, and ...
CSOonline15h
SEC rule confusion continues to put CISOs in a bind a year after a major revision
Despite a spate of recent actions exemplifying how the US Securities and Exchange Commission is enforcing disclosure and ...
CSOonline21h
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.
CSOonline19h
Legitimate PoC exploited to spread information stealer
CSOonline reported on the original — and safe — PoC exploit, LDAPNightmare, created by SafeBreach for a vulnerability in ...
CSOonline1d
New Mirai botnet targets industrial routers
Security researchers warn of a new variant of the Mirai botnet. Attackers used it for zero-day exploits on industrial routers ...
CSOonline1d
China-linked hackers target Japan’s national security and high-tech industries
Authorities reveal advanced cyber tactics exploiting tools such as Windows Sandbox and Visual Studio Code, urging immediate ...
CSOonline1d
SonicWall firewall hit with critical authentication bypass vulnerability
With a CVSS score of 8.2/10, the vulnerability impacts a number of Gen6 and Gen7 firewalls. The fixed versions include ...
CSOonline1d
UN agency’s job application database breached, 42,000 records stolen
The agency, which supports the operation of international civil aviation, said air traffic is safe, but one analyst raised ...
CSOonline1d
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
The software maker announced that a stack-based buffer overflow flaw in its VPN appliance has been exploited in the wild.
CSOonline2d
Critical Mitel, Oracle flaws find active exploitation, CISA urges patching
CISA added the flaws to its known vulnerability catalog, recommending swift patching pursuant to Binding Operational ...
CSOonline1d
DNA sequencer vulnerabilities signal firmware issues across medical device industry
Eclypsium security researchers have uncovered UEFI vulnerabilities in the Illumina iSeq 100 DNA sequencer, but the broader ...
CSOonline3d
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Large language models (LLMs) are proving to be valuable tools for discovering zero-days, bypassing detection, and writing ...