RedCurl cyberspies create ransomware to encrypt Hyper-V servers
A threat actor named ‘RedCurl,’ known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed…
New npm attack poisons local packages with backdoors
Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a…
Recent Windows updates cause Remote Desktop issues
Microsoft says that some customers might experience Remote Desktop and RDS connection issues after installing recent Windows updates released since…
Windows 11 update breaks Veeam recovery, causes connection errors
Microsoft and Veeam are investigating a known issue that triggers connection errors on Windows 11 24H2 systems when restoring from…
Google fixes Chrome zero-day exploited in espionage campaign
Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser’s sandbox and deploy malware in espionage attacks…
Chinese hackers spend years roaming telecommunications service
A Chinese advanced persistent threat group (APT) was able to roam the networks of an Asian telecommunications company for years…
CrushFTP warns users to patch unauthenticated access flaw immediately
CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. As the…
Cloudflare R2 service outage caused by password rotation error
Cloudflare announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing…
Broadcom warns of authentication bypass in VMware Windows Tools
Broadcom released security updates today to fix a high-severity authentication bypass vulnerability in VMware Tools for Windows. VMware Tools is…
New Windows zero-day leaks NTLM hashes, gets unofficial patch
Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by…