Hackers from Russia and Belarus are increasingly targeting Latvian government and critical infrastructure websites in politically motivated cyberattacks, according to Latvian cybersecurity officials.

This authentication bypass flaw, with a CVSS score of 9.8 (the highest severity rating), could enable unauthorized users to gain administrative access to Red Hat Satellite, a commercial offering built on Foreman.

The US has indicted members of Russian military intelligence unit 29155 for cyber-operations including WhisperGate hacks against Ukraine, offering up to $10 million for information.

The fake landing pages closely mimicked the real Lowe’s portal, prompting employees to enter their sales numbers, passwords, and security question answers, which then were sent to attackers.

The White House has launched a cybersecurity hiring sprint to fill 500,000 job openings, part of a program to address the ongoing shortage in cyber, technology, and AI positions.

Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query.

The CVE-2024-26581 PoC exploit has been disclosed, posing a risk to Linux systems by allowing root compromise. The flaw exists in the nft_set_rbtree function within the Linux kernel, enabling attackers to access sensitive data on affected systems.

Praetorian has uncovered GoffLoader, an in-memory execution tool that allows security professionals to run BOF and unmanaged Cobalt Strike PE files directly in memory without writing to disk.

Despite facing sanctions, Predator has managed to attract new customers and has been detected in various countries, including the Democratic Republic of Congo and Angola.