Risk & Resilience

Casbaneiro Phishing Campaign Targets Latin America And Europe With Dynamic PDF Lures

Risk & Resilience
Brazilian cybercrime actors deploy Casbaneiro and Horabot malware via dynamic PDFs, WhatsApp automation, and email phishing campaigns across Latin America and Europe.

Drift Suffers $285 Million Loss In Durable Nonce Social Engineering Attack Linked To DPRK

Risk & Resilience
Solana based exchange Drift confirms $285 million loss after a sophisticated social engineering attack involving durable nonces and suspected DPRK linked actors.

Apple Expands iOS 18.7.7 Update To Protect Users From DarkSword Exploit

Risk & Resilience
Apple extends iOS 18.7.7 and iPadOS 18.7.7 updates to more devices to block DarkSword exploit, addressing critical vulnerabilities in older iOS versions.

Wazuh Enables Proactive Vulnerability Management With Continuous Monitoring

Risk & Resilience
Wazuh helps organizations shift from periodic scans to proactive vulnerability management, integrating asset visibility, threat intelligence, and real-time exploitation detection.

LangChain And LangGraph Vulnerabilities Expose Sensitive Data In Widely Used AI Frameworks

Risk & Resilience
Security researchers reveal critical vulnerabilities in LangChain and LangGraph that could expose files, secrets, and databases, raising concerns for enterprise AI deployments.

Google Advances Quantum Computing Timeline To 2029 Raising Urgency For Post Quantum Security

Risk & Resilience
Google has accelerated its quantum computing timeline to 2029, urging faster adoption of post quantum cryptography as threats to current encryption standards grow.

Magento PolyShell Flaw Allows Unauthenticated Uploads, Remote Code Execution, And Account Takeover

Risk & Resilience
A critical Magento vulnerability named PolyShell exposes stores to unauthenticated file uploads, remote code execution, and account takeover risks, with active exploitation now observed.

Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver To Evade Security

Risk & Resilience
A malvertising campaign targets U.S. users searching for tax forms, delivering ScreenConnect malware and HwAudKiller to bypass EDR using a Huawei driver.

Trivy Supply Chain Attack Spurs Self Propagating CanisterWorm Across Npm Ecosystem

Risk & Resilience
A supply chain attack linked to Trivy has led to the spread of CanisterWorm malware across dozens of npm packages, exploiting tokens and decentralized infrastructure.

Apple Warns Older iPhones At Risk From Coruna And DarkSword Exploit Kit Attacks

Risk & Resilience
Apple advises users to update older iPhones to prevent data theft from Coruna and DarkSword exploit kits targeting outdated iOS versions through malicious websites.

Apple Fixes WebKit Vulnerability Allowing Same Origin Policy Bypass Across Devices

Risk & Resilience
Apple patches WebKit vulnerability CVE 2026 20643 affecting iOS, iPadOS, and macOS, addressing same origin policy bypass risks through background security improvements.

Ubuntu CVE 2026 3888 Flaw Enables Root Access Through systemd Timing Exploit

Risk & Resilience
A high severity Ubuntu vulnerability CVE 2026 3888 allows attackers to gain root access via systemd cleanup timing and snap confine interaction.
123...10Page 2 of 10

Recent articles

spot_img