Biztonsági szemle

Ongoing attacks leveraging a pair of critical operating system command injection flaws impacting GeoVision Internet of Things devices, tracked as CVE-2024-6047 and CVE-2024-11120, have prompted their inclusion in the Cybersecurity and Infrastructure...

TechCrunch reports that Insight Partners a venture capital firm with over $90 billion in regulated assets under management has confirmed the compromise of data belonging to an unspecified number of individuals as a result of a January cyberattack.

Major UK multinational education services provider Pearson had mostly legacy corporate and customer information stolen following a cyberattack, BleepingComputer reports.

The U.S. Department of Government Efficiency was reported by journalist Micah Lee to have had one of its software engineers compromised with information-stealing malware.

BleepingComputer reports that malicious code injected into the deprecated yet widely downloaded npm package 'rand-user-agent' as part of a supply chain attack has facilitated the deployment of a remote access trojan on systems where it has been...

Ads with the Apple logo and a link purportedly leading to CNN have been used to promote the fake cryptocurrency token dubbed "iToken" across X, formerly Twitter, as part of an ongoing cryptocurrency scam, Cybernews reports.

More than 38,000 different sub-domains have been utilized to host fraudulent cryptocurrency wallet websites on Amazon S3 and Azure Web Apps as part of the far-reaching FreeDrain cryptocurrency phishing campaign, reports The Hacker News.

We have to move past the longstanding choice of upgrading or accepting risk in our legacy Linux systems.

A 2025. 19. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.04.30. és 2025.05.08. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Increase in attacks using malware known as “TheMoon" seen, says FBI.

A hard-coded JSON Web Token could allow a remote attacker to upload files with root privileges.