Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below – CVE-2025-6018 – LPE from unprivileged to allow_active in SUSE 15’s Pluggable Authentication Modules (PAM) CVE-2025-6019 – LPE from allow_active to root in […]
Author Archives: Onsite Computing, Inc.
The pro-Israel “Predatory Sparrow” hacking group claims to have stolen over $90 million in cryptocurrency from Nobitex, Iran’s largest crypto exchange, and burned the funds in a politically motivated cyberattack. […] Go to Source Author: Lawrence Abrams
OpenAI intends to help streamline the Defense Department’s administrative processes using artificial intelligence. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Many cybersecurity professionals still don’t feel comfortable admitting when they need a break. And the impact goes beyond being overworked. Go to Source Author: Arielle Waldman
North Korean advanced persistent threat (APT) ‘BlueNoroff’ (aka ‘Sapphire Sleet’ or ‘TA444’) are using deepfake company executives during fake Zoom calls to trick employees into installing custom malware on their computers. […] Go to Source Author: Bill Toulas
The Android malware is targeting Turkish financial institutions, completely taking over legitimate banking and crypto apps by creating an isolated virtualized environment on a device. Go to Source Author: Elizabeth Montalbano, Contributing Writer
A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails. The ongoing campaign has been codenamed SERPENTINE#CLOUD by Securonix. It leverages “the Cloudflare Tunnel infrastructure and Python-based loaders to deliver memory-injected payloads through a chain of shortcut files and obfuscated Go […]
Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols. […] Go to Source Author: Sergiu Gatlan
A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens, and cryptocurrency wallets. […] Go to Source Author: Bill Toulas
As the frequency and intensity of natural disasters, cyberattacks, and other disruptions rises, healthcare organizations are under mounting pressure to maintain operational continuity. Given the sector’s reliance on operational technology, how can health systems prepare for and respond to emergencies? Here’s what you need to know to protect both your IT infrastructure and the continuity […]