A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
The deprecated FCKeditor plugin is being abused to create open redirects on university, government, and corporate websites, allowing threat actors to poison search engine results with malicious content.
Dec 05, 2023NewsroomMobile Security / Spyware A new “post-exploitation tampering technique” can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it’s actually not and carry out covert attacks. The novel method, detailed by Jamf Threat Labs in a report shared with […]
Millions of browser-based cryptocurrency wallets are affected by an open-source software vulnerability that can be abused by attackers to steal over $1 billion worth of cryptocurrency. The vulnerability, dubbed as Randstorm, affects the 0.13 version of Bitcoin JS, a popular JavaScript library used to generate cryptocurrency wallets. More in detail The vulnerability primarily affects multiple […]