Malware campaign targets server hosting software CWP
A sophisticated threat actor is targeting web hosting software in order to install backdoors and drop rootkits on Linux servers.
The FBI will feed hacked passwords directly into Have I Been Pwned
Australian security researcher Troy Hunt announced today that he granted the US Federal Bureau of Investigation a direct line to upload new content into Have I Been Pwned, a website that indexes data from security breaches.
Fujitsu suspends ProjectWEB platform after Japanese government hacks
Japanese tech giant Fujitsu has temporarily taken down its ProjectWEB enterprise software-as-a-service (SaaS) platform after hackers gained access to its systems and stole files belonging to multiple Japanese government entities.
M1RACLES bug impacts Apple M1 chips, but no need to panic
A security researcher has discovered the first-ever vulnerability in Apple M1 chips that cannot be fixed without a silicon redesign.
Google says Rowhammer attacks are gaining range as RAM is getting smaller
A team of Google security researchers said they discovered a new way to perform Rowhammer attacks against computer memory (RAM) cards that broaden the attack’s initial impact.
Thousands of Chrome extensions are tampering with security headers
Thousands of Google Chrome extensions available on the official Chrome Web Store are tampering with security headers on popular websites, putting users at risk of a wide range of web-based attacks.
Headphone and speaker maker Bose discloses ransomware attack
Audio equipment manufacturer Bose said it was the victim of a ransomware attack that took place earlier this year, on March 7.
Apple fixes macOS zero-day abused by XCSSET malware
Apple has released today security updates for several of its products, including a patch for its macOS desktop operating system that includes a fix for a zero-day vulnerability that has been abused in the wild for almost a year by the XCSSET malware gang.
8.3 million plaintext passwords exposed in DailyQuiz data breach
The personal details of 13 million DailyQuiz users have been leaked online earlier this year after a hacker breached the quiz builder’s database and stole its content, which he later put up for sale.
Air India says data breach impacts 4.5 million former passengers
India’s national carrier Air India said last week that a data breach at one of its software providers exposed the personal information of more than 4.5 million passengers that used its services.