Zeljka Zorz
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/12/10204233/patch_tuesday-red-400x200.webp)
Microsoft fixes exploited zero-day (CVE-2024-49138)
On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by …
![Cleo](https://img.helpnetsecurity.com/wp-content/uploads/2024/12/10142146/cleo-10122024-1500x800px-400x200.webp)
Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623)
Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to …
![OpenWrt](https://img.helpnetsecurity.com/wp-content/uploads/2024/12/09152649/opetwrt-1500-400x200.webp)
Update your OpenWrt router! Security issue made supply chain attack possible
A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2024/12/09164339/microsoft-money-1500-400x200.webp)
Microsoft: “Hack” this LLM-powered service and get paid
Microsoft, in collaboration with the Institute of Science and Technology Australia and ETH Zurich, has announced the LLMail-Inject Challenge, a competition to test and improve …
![ship](https://img.helpnetsecurity.com/wp-content/uploads/2024/12/09134631/shipping-1500-400x200.webp)
8Base hacked port operating company Luka Rijeka
Luka Rijeka, a company that offers maritime transport, port, storage of goods and forwarding services in Rijeka, Croatia, has been hacked by the 8Base ransomware group. …
![info-stealer](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/16120625/info-stealer-400x200.webp)
Windows, macOS users targeted with crypto-and-info-stealing malware
Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of …
![CISO](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/09065945/eyes-400x200.webp)
How to choose secure, verifiable technologies?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, …
![work](https://img.helpnetsecurity.com/wp-content/uploads/2024/09/26114639/work1-400x200.webp)
Mitel MiCollab zero-day and PoC exploit unveiled
A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald …
![encryption](https://img.helpnetsecurity.com/wp-content/uploads/2023/11/29120358/encryption-1400-400x200.jpg)
8 US telcos compromised, FBI advises Americans to use encrypted communications
FBI and Cybersecurity and Infrastructure Security Agency (CISA) officials have advised Americans to use encrypted call and messaging apps to protect their communications from …
![package](https://img.helpnetsecurity.com/wp-content/uploads/2022/05/25171705/package-danger-hns-400x200.jpg)
Solana’s popular web3.js library backdoored in supply chain compromise
A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry. Just like the recent Lottie Player …
![eyes](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/18152717/eyes-400x200.webp)
How widespread is mercenary spyware? More than you think
A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results …
![Progress](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/04154556/progress-1500-400x200.webp)
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular …
Featured news
Resources
Don't miss
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving
- Addressing the intersection of cyber and physical security threats
- Fleet: Open-source platform for IT and security teams
- CERT-UA warns against “security audit” requests via AnyDesk