Four vulnerabilities in virtualisation software have been fixed by VMware, including two which were exploited at the 20223 Pwn2Own contest. Three have…
Month: April 2023
LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities
A few days ago we wrote about two vulnerabilities found in PaperCut application servers. As we noted, exploitation was fairly simple…
Magecart threat actor rolls out convincing modal forms
To ensnare new victims, criminals will often devise schemes that attempt to look as realistic as possible. Having said that, it is not…
Update your PaperCut application servers now: Exploits in the wild
PaperCut, maker of print management solutions, has urged product users to update as soon as possible. A security vulnerability which exploits unpatched…
Decoy dog toolkit plays the long game with Pupy RAT
Researchers at Infoblox have discovered a new toolkit being used in the wild called Decoy Dog. It targets enterprises, and has…
APC warns about critical vulnerabilities in online UPS monitoring software
In a security notification, APC has warned home and corporate users about critical vulnerabilities in the software used to monitor and…
Black Basta ransomware attacks Yellow Pages Canada
The Canadian Yellow Pages Group has confirmed it recently became victim of a cyberattack. The Black Basta ransomware group has claimed responsibility for…
GuLoader returns with a rotten shipment
GuLoader, a perennial favourite of email-based malware campaigns since 2019, has been seen in the wild once again. GuLoader is a downloader…
Removing the human: When should AI be used in emotional crisis? Lock and Code S03E09
In January, a mental health nonprofit admitted that it had used Artificial Intelligence to help talk to people in distress. Prompted first…
Adult content malvertising scheme leads to clickjacking
Malwarebytes’ researchers have found a malvertising scheme that leads to clickjacking. Clickjacking is a form of ad fraud which is also…