The operators behind the "Lemon Duck" cryptominer have developed new techniques to better target enterprise-grade Linux systems, according to the security firm Sophos.
The vulnerability is centered around how these devices do not use encryption for transmitting data back and forth to their servers or other connected devices.
Researchers have discovered a way to bypass the PIN authentication for Visa transactions. A bug in the communication protocols lets attackers mount a MITM attack without entering the PIN code.
Two more ransomware gangs, Conti and SunCrypt, have apparently joined the Maze collective, which currently consists of Maze, LockBit and Ragnar Locker.
The npm security team has removed a malicious JavaScript library from the npm portal that was designed to steal sensitive files from an infected users' browser and Discord application.
Researchers report the TA542 threat group has made code changes to its malware and started targeting new locations with Emotet.
A government ministry in Jakarta has suggested that a recent spate of cyber-attacks against its critics could be an attempt by a third party to turn public opinion against the government.
The VSIX Installer of Visual Studio allows for revival of expired code-signing certificates and modification of timestamps.
Online Book Store version 1.0 suffers from a remote SQL injection vulnerability.
TP-Link WDR4300 with firmware versions 3.13.33 and 3.14.3 post-authentication remote code execution exploit.
