Ivanti Connect Secure, formerly known as Pulse Connect Secure, has been found to have two zero-day vulnerabilities, namely CVE-2023-46805 and CVE-2024-21887, which were exploited by threat actors …
Apple Patches Keystroke Injection Vulnerability in Magic Keyboard
Apple has released firmware updates for its Magic Keyboard to address a vulnerability that could allow attackers to inject keystrokes over Bluetooth. The vulnerability, disclosed by SkySafe software …
Continue Reading about Apple Patches Keystroke Injection Vulnerability in Magic Keyboard
New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
Security researchers at Praetorian have disclosed a class of Continuous Integration/Continuous Deployment (CI/CD) attacks that could have allowed attackers to inject malicious code into the PyTorch …
Continue Reading about New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
China Says State-Backed Experts Crack Apple’s AirDrop
The Beijing municipal government revealed that experts in China have devised a method to identify users of Apple's encrypted AirDrop service, allowing access to phone numbers and email accounts. The …
Continue Reading about China Says State-Backed Experts Crack Apple’s AirDrop
Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian Nuclear Facility: Report
The Dutch newspaper De Volkskrant's investigation revealed a Dutch engineer recruited by the Netherlands' intelligence services, the AIVD, likely played a role in deploying the Stuxnet malware at an …
Kyocera Device Manager Vulnerability Exposes Enterprise Credentials
Kyocera Device Manager, a management tool for Kyocera printers and multifunction devices, was found to have a vulnerability (CVE-2023-50916) allowing attackers to manipulate paths and potentially …
Continue Reading about Kyocera Device Manager Vulnerability Exposes Enterprise Credentials
Anecdotes Raises $25 Million for Enterprise GRC Platform
Anecdotes, an enterprise governance, risk management, and compliance (GRC) solutions provider, secured $25 million in a Series B funding round led by Glilot Capital Partners, with contributions from …
Continue Reading about Anecdotes Raises $25 Million for Enterprise GRC Platform
Vigilant Ops Raises $2 Million for SBOM Management Platform
Vigilant Ops, a cybersecurity startup, secured a $2 million seed investment from DataTribe to enhance its software bills of materials (SBOMs) management platform. Founded in 2019, the Pittsburgh-based …
Continue Reading about Vigilant Ops Raises $2 Million for SBOM Management Platform
Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities
Olusegun Samson Adejorin, a Nigerian national, faces charges in the US for his role in a business email compromise (BEC) scheme involving two charitable organizations. Between June and August 2020, …
Continue Reading about Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities
US Says 19 People Charged Following 2019 Takedown of xDedic Cybercrime Marketplace
The US Justice Department recently unveiled charges against 19 individuals involved in operating and utilizing the xDedic cybercrime marketplace, dismantled in 2019. xDedic facilitated the sale of …