Zeppelin Ransomware Returns with New Trojan on Board
The malware has popped up in a targeted campaign and a new infection routine.
Google Squashes Critical Android Media Framework Bug
The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall.
TeamTNT Gains Full Remote Takeover of Cloud Instances
Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters.
Severe Industrial Bugs Allow Takeover of Critical Systems
Researchers warn of critical vulnerabilities in a third-party industrial component used by top ICS vendors like Rockwell Automation and Siemens.
Spyware Labeled ‘TikTok Pro’ Exploits Fears of US Ban
Malware can take over common device functions as well as creates a phishing page to steal Facebook credentials.
Microsoft’s Patch Tuesday Packed with Critical RCE Bugs
The most concerning of the disclosed bugs would allow an attacker to take over Microsoft Exchange just by sending an email.
Critical Intel Active Management Technology Flaw Allows Privilege Escalation
The critical Intel vulnerability could allow unauthenticated attackers gain escalated privileges on Intel vPro corporate systems.
Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers
Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches.
Cryptobugs Found in Numerous Google Play Store Apps
A new dynamic tool developed by Columbia University researchers flagged cryptography mistakes made in more than 300 popular Android apps.
Bug in Google Maps Opened Door to Cross-Site Scripting Attacks
A researcher discovered a cross-site scripting flaw in Google Map’s export function, which earned him $10,000 in bug bounty rewards.