A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat, has been using the DNS over HTTPS (DoH) protocol to evade detection. […] Go to Source Author: Bill Toulas
Category Archives: Security
Three security bypasses have been discovered in Ubuntu Linux’s unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components. […] Go to Source Author: Bill Toulas
A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. […] Go to Source Author: Lawrence Abrams
The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. […] Go to Source Author: Lawrence Abrams
Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers’ systems. […] Go to Source Author: Bill Toulas
A China-linked cyberespionage group known as ‘FamousSparrow’ was observed using a new modular version of its signature backdoor ‘SparrowDoor’ against a US-based trade organization. […] Go to Source Author: Bill Toulas
A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. […] Go to Source Author: Bill Toulas
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser’s sandbox on Windows systems. […] Go to Source Author: Sergiu Gatlan
Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against ‘Big Tech’ surveillance for free. […] Go to Source Author: Bill Toulas
Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor’s cloud platform. […] Go to Source Author: Ionut Ilascu