News

North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant sai...
2024-09-07 12:58
local_offer
FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals
Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and ...
2024-09-07 12:40
local_offer
KDE Slimbook VI – A Powerful Laptop for KDE Enthusiasts
Looking for a powerful new Linux laptop? The new KDE Slimbook VI may very well appeal. Unveiled at Akademy 2024, KDE’s annual community get-together, the KDE Slimbook VI marks a major refresh from earlier models in the KDE Slimbook line. And this...
2024-09-07 12:22
Microsoft says it has fixed an issue that caused Windows 11 File Explorer to crash
A bug in Windows 11 has been causing explorer.exe (File Explorer) to crash for some users. However, it seems that the company has finally fixed it. In a recent post on Feedback Hub, Microsoft confirmed that it has patched an issue that caused Explorer....
2024-09-07 09:31
SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries...
2024-09-06 21:25
local_offer
GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware
A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is...
2024-09-06 20:44
local_offer
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names sligh...
2024-09-06 20:33
local_offer
Xmem and FVWM
So given that, xmem can be useful as a monitoring tool. Fluffy (my main server) runs both squid and apache, and given that fluffy only has 64MB of RAM, things can get a little cramped. If I suddenly see that the whole of xmem turns blue (i.e. the swa...
2024-09-06 20:32
local_offer
NGINX Open Source Moves to GitHub
The NGINX Open Source project has officially moved from Mercurial to GitHub. Join us in the new repository!
2024-09-06 20:22
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025
The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with...
2024-09-06 15:07
local_offer
Python in Visual Studio Code – September 2024 Release
The September 2024 release of the Python and Jupyter extensions for Visual Studio Code are now available. This month's updates include Django test support. Keep reading to learn more! The post Python in Visual Studio Code – September 2024 Release...
2024-09-06 13:50
A desktop touched by Midas: Oracular Oriole
In the poem “To an Oriole” [1], novelist and poet Edgar Fawcett inquires about the origin and nature of the oriole. He likens the northern song bird to a “scrap of sunset with a voice” and an orange tulip in a forgotten garden that was magicall...
2024-09-06 13:41
Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS sc...
2024-09-06 12:05
local_offer
Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution
A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. The high-severity vulnerability,...
2024-09-06 10:52
local_offer
Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity
Telegram CEO Pavel Durov has broken his silence nearly two weeks after his arrest in France, stating the charges are misguided. "If a country is unhappy with an internet service, the established practice is to start a legal action against the service i...
2024-09-06 09:32
local_offer