The Managed XDR team investigated a sophisticated campaign distributing Lumma Stealer through GitHub, where attackers leveraged the platform’s release infrastructure to deliver malware such as SectopRAT, Vidar, and Cobeacon.
GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available. The post New Zyxel Zero-Day Under Attack, No Patch Available appeared first on SecurityWeek.
Oligo Security has raised $50 million in Series B funding for its application detection and response (ADR) platform. The post Oligo Raises $50M to Tackle Application Detection and Response appeared first on SecurityWeek.
New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices. The post New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones appeared first on SecurityWeek.
The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists. The post Aquabot Botnet Targeting Vulnerable Mitel Phones appeared first on SecurityWeek.
The Department of Justice is investigating a lobbying firm representing ExxonMobil for hacking the phones of climate activists: The hacking was allegedly commissioned by a Washington, D.C., lobbying firm, according to a lawyer representing the U.S. government. The firm, in turn, was allegedly working on behalf of one of theRead More »ExxonMobil Lobbyist Caught Hacking Climate Activists
VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access. The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared first on SecurityWeek.
The investment includes equity and debt from new investors Qualcomm Ventures, Pavilion Capital, Singtel Innov8, and Sixty Degree Capital. The post Eclypsium Eyes Global Expansion with $45 Million Series C Investment appeared first on SecurityWeek.
Hackers stole more than $85 million in crypto assets from hot wallets at cryptocurrency exchange Phemex. The post Hackers Drain Over $85 Million From Crypto Exchange Phemex appeared first on SecurityWeek.
Endpoint management and security firm NinjaOne to acquire cloud data backup, archiving, and recovery solutions provider Dropsuite for $252 million. The post NinjaOne to Acquire Dropsuite for $252 Million appeared first on SecurityWeek.
