Kavita Iyer

Cybersecurity company Securonix has discovered a new ongoing social engineering attack campaign that targets software developers with bogus npm packages on the pretext of fake job interviews and tricks them into downloading a Python-based remote access trojan (RAT).

Security researchers have discovered a new Android banking trojan that can steal users’ sensitive information and allow attackers to remotely control infected devices.

Security researchers at HiddenLayer have discovered a vulnerability in the R programming language that allows for arbitrary code execution by deserializing untrusted data.

The U.S. Federal Communications Commission (FCC) on Monday announced that it has fined the nation’s largest wireless carriers nearly $200 million for illegally sharing customers’ personal data without their consent and without taking reasonable measures to safeguard that information against unauthorized disclosure.

Tech giant Google has again announced more job cuts to reduce its additional expenditures by hiring cheap labor outside the United States.

On April 9, 2024, Microsoft released its second Patch Tuesday update for Windows 11 23H2 and 22H2 via KB5036893, and the monthly security update for April 2024 on Windows Server 20H2, and Windows 10 for the latest supported versions, 20H2, 21H2, and 22H2 via KB5036892.

Google is now offering a bounty of up to $450,000 for reporting remote code execution (RCE) vulnerabilities within select Android apps.

Researchers have recently tracked a new malware, “Cuttlefish,” that targets networking equipment, specifically enterprise-grade small office/home office (SOHO) routers, to steal authentication material found in web requests that transit the router from the adjacent local area network (LAN).

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added one new vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation found in the DevOps platform GitLab.

On January 9, 2024, Microsoft had notified that a BitLocker Secure Boot bypass vulnerability tracked under ID “CVE-2024-20666” could allow threat actors to bypass BitLocker encryption to gain access to encrypted data, provided they get physical access to an unpatched PC.