How to Examine Polyglot Files with Spectra Analyze Polyglot files combine elements from multiple file formats, concealing executable code in overlooked sections such as metadata or comments within...

GitHub - Katana: A Next-Generation Crawling and Spidering Framework 🚀 Katana is a next-generation crawling and spidering framework designed for fast and fully configurable web crawling, supporting...

CODESYS Vulnerabilities in Festo Automation Suite 🚨 Attention all users! The following versions of CODESYS in Festo Automation Suite are affected: FESTO Software Festo Automation Suite (versio...

90% of People Don’t Trust AI with Their Data People are using AI, but they don’t trust it. In our latest privacy pulse survey, we gathered 1,200 responses from readers of the Malwarebytes newslett...

Qihoo 360 Leaked Its Own Wildcard SSL Private Key Inside Public AI Installer China’s largest cybersecurity firm, Qihoo 360, has inadvertently exposed its own wildcard SSL private key by bundling i...

Researchers Find Data Leak Risk in AWS Bedrock AI Code Interpreter 🚨 Cybersecurity researchers have identified a vulnerability in an Amazon Web Services (AWS) tool that could allow attackers to st...

🚨 Researchers Warn of Global Surge in Fake Shipment Tracking Scams Fake shipment tracking scams are rapidly scaling across the world, exploiting the 161 billion annual parcel volume that fuels glo...

GlassWorm Attack Overview 🚨 The GlassWorm attack is a significant threat targeting Python projects, including Django apps, machine learning research code, Streamlit dashboards, and PyPI packages. ...

Flaw in UK’s Corporate Registry Exposes Directors’ Data 🚨 Companies House was forced to pull down its record-filing platform for the entire weekend to rectify a security issue that exposed the per...

China-Linked Hackers Target Asian Militaries in Espionage Operation 🚀 Southeast Asian military organizations have been targeted in a China-linked cyberespionage campaign running for years, as repo...

Payload Ransomware Claims the Hack of Royal Bahrain Hospital 🚨 The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. Spec...

Introducing Betterleaks 🚀 A new open-source tool called Betterleaks has been launched to scan directories, files, and git repositories to identify valid secrets using default or customized rules. ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2019-25473 Softwebinternational -...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2019-25473 Softwebinternational -...

🚨 AppsFlyer Web SDK Hijacked! The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocu...

Credential-Stealing Crew Spoofs VPN Clients 🚨 A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti, and other vendors to st...

Twenty Years of Cloud Security Research On March 14, 2006, AWS announced S3, marking the first AWS service that was generally available. From day one, it has been possible to do great things with ...

CrackArmor - Critical AppArmor Flaws Enable Local Privilege Escalation to Root 🚨 Qualys TRU has discovered critical vulnerabilities in AppArmor, dubbed “CrackArmor”, that allow unprivileged users ...

AI-Generated Slopoly Malware Used in Interlock Ransomware Attack 🚨 A new malware strain dubbed Slopoly, likely created using generative AI tools, has allowed a threat actor to remain on a compromi...

Canadian Retail Giant Loblaw Notifies Customers of Data Breach 🚨 Loblaw Companies Limited, the largest food and pharmacy retailer in Canada, has announced that hackers breached a portion of its IT...