Category: Security Affairs

A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE discovered a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-4577, in the PHP programming language. An…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New…

Read more →

The source code and data of The New York Times leaked on the 4chan was stolen from the company’s GitHub repositories in January 2024. This week, VX-Underground first noticed that the internal data of The New York Times was leaked…

Read more →

SolarWinds addressed multiple vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a pentester working with NATO. SolarWinds announced security patches to address multiple high-severity vulnerabilities in Serv-U and the SolarWinds Platform. The vulnerabilities affect Platform 2024.1…

Read more →

Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping platform Pandabuy demonstrates that paying a ransom to an extortion group…

Read more →

Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber espionage campaign targeting defense forces in the country.…

Read more →

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP. The campaign seems to have…

Read more →

A new Linux variant of the TargetCompany ransomware family targets VMware ESXi environments using a custom shell script. A new variant of the TargetCompany ransomware group uses a custom shell script as a means of payload delivery and execution, this is…

Read more →

The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. The FBI is inviting victims of LockBit ransomware to come forward because it has…

Read more →

Researchers believe the RansomHub ransomware-as-a-service is a rebranded version of the Knight ransomware operation. Cybersecurity experts who analyzed the recently emerged ransomware operation RansomHub speculate that is is a rebranded version of Knight ransomware. Knight, also known as Cyclops 2.0,…

Read more →

Cybersecurity researchers demonstrated how malware could potentially steal data collected by the new Windows Recall tool. The Recall feature of Microsoft Copilot+ is an AI-powered tool designed to help users search for past activities on their PC. The data collected…

Read more →

Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited vulnerabilities in the German government’s implementation of the Cisco Webex software to…

Read more →

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The vulnerability resides in the direct messages…

Read more →

Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical flaws in some of its NAS devices that have reached end-of-life. An attacker can…

Read more →

A ransomware attack that hit the provider of pathology and diagnostic services Synnovis severely impacted the operations of several London hospitals. A ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operations at several major NHS…

Read more →

The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications…

Read more →

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. Resecurity has uncovered a new cybercriminal group providing Phishing-as-a-Service (PhaaS) platform that is equipping fraudsters with sophisticated kit (known…

Read more →

Researchers published a PoC exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Researchers published a proof-of-concept (PoC) exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Telerik Report Server is an end-to-end report…

Read more →

Researcher discovered several authorization bypass vulnerabilities in Cox modems that potentially impacted millions of devices. The security researcher Sam Curry discovered multiple issues in Cox modems that could have been exploited to modify the settings of the vulnerable modem and…

Read more →

CISA adds Oracle WebLogic Server OS command injection vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2017-3506…

Read more →