China soldier PLA
Featured Government Nation-state

Chinese military unit accused of cyber-espionage bought multiple western antivirus products

A Chinese military unit that was accused last month by Japanese authorities of carrying out a years-long cyber-espionage campaign was seen buying batches of different western-made antivirus products.

Apple
Featured Technology

Apple releases fixes for three WebKit zero-days, additional patches for a fourth

Apple has released today security updates for multiple products to patch three zero-days and roll out additional patches for a fourth that the company said they might have been exploited in the wild.

Japan Tokyo
Cybercrime Featured Technology

Hacking campaign targets FileZen file-sharing network appliances

Threat actors are using two vulnerabilities in a popular file-sharing server to breach corporate and government systems and steal sensitive data as part of a global hacking campaign that has already hit a major target in the Japanese Prime Minister’s Cabinet Office.

SonicWall
Featured Technology

Hackers go after SonicWall email appliances with three zero-days

A hacking group has used three zero-day vulnerabilities impacting SonicWall products to breach corporate networks and install backdoors, security firm FireEye said in a report on Tuesday.

military-air-force-jet-airplane
Featured Government Nation-state Technology

Chinese hackers used Pulse Secure VPN zero-day to breach US defense contractors

Two hacking groups, including at least one confirmed Chinese cyber-espionage outfit, have used a new zero-day vulnerability in Pulse Secure VPN equipment to gain a foothold inside the networks of US defense contractors and government organizations across the world.

WeChat
Featured Technology

Recent Chromium bug used to attack Chinese WeChat users

A Chrome exploit published online last week has been weaponized and abused to attack WeChat users in China, a local security firm reported on Friday.

Google
Featured Technology

Google’s Project Zero updates vulnerability disclosure rules to add patch cushion

The Google Project Zero security team has updated its vulnerability disclosure guidelines today to add a cushion of 30 days to every security bug disclosure, so end-users have enough time to patch software and prevent attackers from weaponizing bugs.

Google Chrome
Featured Technology

Another Chrome and Edge exploit published online as browser makers deal with patch gap issues

For the second time this week, a security researcher has published proof-of-concept (PoC) code that can exploit and run malicious code inside Chromium-based browsers like Chrome, Edge, Vivaldi, and Opera.

Google Chrome
Featured Technology

Security researcher drops Chrome and Edge exploit on Twitter

An Indian security researcher has published details today about a zero-day vulnerability impacting Google Chrome, Microsoft Edge, and other Chromium-based browsers like Opera and Brave.

North Korea
Featured Nation-state

Google: North Korean hackers are still targeting security researchers

The North Korean government-backed hackers who spent last year trying to lure security professionals to malicious sites to infect their systems with malware have returned with new attacks.