Technical Advisory – Multiple Vulnerabilities in Juplink RX4-1800 WiFi Router (CVE-2022-37413, CVE-2022-37414)
Juplink’s RX4-1800 WiFi router was found to have multiple vulnerabilities exposing its owners to potential intrusion in their local WiFi network and complete overtake of the device. An attacker...
Threat Actor Abuses LinkedIn’s Smart Links Feature to Harvest Credit Cards
A malicious campaign targeting Internet users in Slovakia is serving up another reminder of how phishing operators frequently leverage legitimate services and brands to evade security controls.In this instance,...
Sophisticated Hermit Mobile Spyware Heralds Wave of Government Surveillance
While NSO Group's Pegasus spyware is perhaps the highest-profile surveillance weapon used by repressive governments against civil society, a recently discovered, powerful mobile reconnaissance malware dubbed Hermit has come...
White hat finds huge vulnerability in Ethereum–Arbitrum bridge: Wen max bounty?
A self-described white hat hacker has uncovered a “multi-million dollar vulnerability” in the bridge linking Ethereum and Arbitrum Nitro and received a 400 Ether (ETH) bounty for their find.Known...
The impact of the Wintermute hack could have been worse than 3AC, Voyager and...
Most crypto investors probably never heard of Wintermute Trading before the Sept. 20 $160 million hack, but that does not reduce their significance within the cryptocurrency ecosystem. The London-based...
ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat
Security researchers are sounding the alarm on the malware tool dubbed ChromeLoader. It first surfaced in January as a consumer-focused, browser-hijacking credential stealer but has now evolved into a widely prevalent...
Alternative payment apps such as AliPay a boon for cybercriminals, experts tell Congress
Written by Tonya Riley Sep 20, 2022 |...
Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords
Spell-checking features present in both the Google Chrome and Microsoft Edge browsers are leaking sensitive user information — including username, email, and passwords — to Google and Microsoft, respectively,...
Beware of Phish: American Airlines, Revolut Data Breaches Expose Customer Info
Call it breach week: Hard on the heels of the Uber bombshell, American Airlines said that it suffered a data breach after a successful phishing attempt hooked a few...
Most common SAP vulnerabilities attackers try to exploit
Unpatched vulnerabilities, common misconfigurations and hidden flaws in custom code continue to make enterprise SAP applications a target rich environment for attackers at a time when threats like ransomware...
