Email marketing company Mailchimp confirmed this morning that a malicious hacking group managed to compromise its systems to access customer accounts and extract potentially sensitive information. Siobhan Smyth, director ofRead More →
Cybersecurity specialists report the detection of a new remote access Trojan (RAT) that, in addition to including the functions of this malware variant, also has spyware and ransomware capabilities. BoratRead More →
SonarSource cybersecurity specialists report the detection of various vulnerabilities in PEAR, a development environment and distribution system for PHP code components. According to the report, these vulnerabilities could have beenRead More →
In 2021, Versa Networks reported an active 34% of companies already utilizing SASE, with a potential 30% increase in about 12 months after. And vendors also started to include additionalRead More →
Claroty cybersecurity specialists report the identification of two serious vulnerabilities whose exploitation would allow threat actors to deploy severe attacks targeting programmable logic controllers (PLC) developed by Rockwell Automation. TheRead More →
The PCI Security Standards Council (SSC), the organization dedicated to overseeing the Payment Card Industry Data Security Standard (PCI DSS), announced the release of PCI DSS v4.0, which will replaceRead More →
Cybersecurity specialists report the detection of a dangerous vulnerability in Philips e-Alert, a monitoring platform for magnetic resonance imaging equipment used in hospitals around the world. According to the report,Read More →
Rapid7 security teams announced the fix of a critical SQL injection vulnerability in Nexpose, a popular local vulnerabilities management software. The flaw was tracked as CVE-2022-0757 and received a scoreRead More →
After multiple reports surfaced over the past week, Spring confirmed the remote code execution (RCE) vulnerability in the Spring Framework. The vulnerability has been tracked as CVE-2022-22965 and it isRead More →
Cybersecurity specialists reported a new critical zero-day vulnerability in the Spring Core Java framework. Successful exploitation would allow remote code execution (RCE) in affected applications. Spring is a framework thatRead More →
