20 cybersecurity projects on GitHub you should check out
Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. …
Helga Labus
Exploited zero-day patched in Chrome (CVE-2023-3079)
Google has fixed a high-severity vulnerability in the Chrome browser (CVE-2023-3079) that is being exploited by attackers. About the vulnerability CVE-2023-3079 is a …
Zoom announces privacy enhancements and tools
Zoom has introduced a new range of privacy enhancements and tools to make sure users have control over their data and their privacy preferences. These enhancements not only …
Google extends passkeys to Google Workspace accounts
After making passkeys available for consumers in early May, Google is now rolling them out for Google Workspace and Google Cloud accounts. This feature will soon be available …
9 free cybersecurity whitepapers you should read
In today’s rapidly evolving digital landscape, organizations face constant cyber threats that can compromise their sensitive data, disrupt operations, and damage their …
Google triples reward for Chrome full chain exploits
Google has tripled the full reward amount for the first security bug report that includes a functional full chain exploit of its popular Chrome browser. Six months of higher …
Qakbot: The trojan that just won’t go away
Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending …
Zyxel patches vulnerability in NAS devices (CVE-2023-27988)
Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users. …
How APTs target SMBs
Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers. By analyzing a year’s …
Phishers use encrypted file attachments to steal Microsoft 365 account credentials
Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low …
New Buhti ransomware uses leaked payloads and public exploits
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of …
Phishing campaign targets ChatGPT users
A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted …