Biztonsági szemle

A massive cybercrime network known as "VexTrio" is using thousands of compromised WordPress sites to funnel traffic through a complex redirection scheme.

The Amazon Nova AI Challenge puts student research to the test and aims to bring a new perspective to challenges arising from the increase in AI-assisted software development.

Deserialization vulnerability that could let attackers run a remote code execution (RCE).

Cybersecurity vendors say threat actors' abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.

The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.

While most of the browser-based phishing attempts involved the spoofing of Microsoft, Facebook, and Netflix.

All six actions have since been consolidated, and the consolidated class action complaint was filed on November 7, 2024.

Abusing the security issues, which arise from inadequate user input sanitization, could enable threat actors to facilitate system command injections, arbitrary code execution, and eventual ICS hijacking.

Investigation into the incident that concluded last month revealed that infiltration of PSEA's systems on July 6.

Attackers eventually used YouTube and Discord to promote the bogus cracked software downloader ArcanaLoader to facilitate the distribution of Arcane malware.

While SpyX accounted for most of the 1.97 million stolen account records and email addresses obtained by HaveIBeenPwned.

Most impacted by the IT Army's distributed denial-of-service intrusions were Russian regional telecommunications operators.