Security News Bundle

"ICQ Messenger shuts down after almost 28 years."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 26 May 2024, 1345 UTC.

Content and Source: News Bundle.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (,

Security News Bundle



A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fake AV websites used to distribute info-stealer malware MITRE December 2023 attack: Threat actors created rogue VMs to evade detection An XSS fla


Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for the Justice AV Solutions JAVS Viewer software. The attackers were able to inject a backdoor in the JAVS Viewer v8.3.7 installer that is being distributed from the JAVS’ servers. Justice AV Solutions (JAV
Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advanced Research Center team spotted multiple fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE and Inno setup installer, including Sp
Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate's platform customers,"
The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack . In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. The security team at the organization promptly launched an investigation, lo

MAY 24, 2024

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835 , that allows attackers to take over user accounts. An attacker can exploit this issue by using a specially crafted page to exfiltrate sensitive user information. The vulnerability impac
An aggressive, nebulous ring of young cybercriminals linked to a string of recent high-profile breaches is made up of approximately 1,000 people, a senior FBI official said Friday. In remarks Friday at the cybercrime-focused Sleuthcon conference, Bryan Vorndran, assistant director of the FBI’s Cyber Division, described the group best known as Scattered Spider as a “very, very large, expansive, di
The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the threat actor creating rogue virtual machines (VMs) within its VMware environment. "The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access,"
Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a new vulnerability, tracked as CVE-2024-5274, in the Chrome browser, it is the eighth zero-day exploited in attacks disclosed this year. The vulnerability is a high-severity ‘type confusion’ in the V8 Java
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices
The one thing that every affiliate marketer would want is to have an advanced and robust network by their side. It ensures that you have all the right tools and features to progress with your affiliate marketing efforts. How does it do that you may ask? Well, it allows you to find the right crypto CPA network and affiliate program. So, if you are looking for a robust network, then this Monetize M


Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.