NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages
A “logical flaw” has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass...
Tagged: attackers
Inside a ransomware incident: How a single mistake left a door open for attackers
A security vulnerability that was left unpatched for three years allowed a notorious cyber-criminal gang to breach a network and plant ransomware. The BlackCat...
Critical Bug in Everscale Wallet Could’ve Let Attackers Steal Cryptocurrencies
A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to...
Meta Offers Rewards for Flaws Allowing Attackers to Bypass Integrity Checks
Facebook parent company Meta today announced that its bug bounty program will cover vulnerabilities that can be exploited to bypass integrity safeguards. The program...
JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots
As many as five security vulnerabilities have been addressed in Aethon Tug hospital robots that could enable remote attackers to seize control of the...
Rarible NFT Marketplace Flaw Could’ve Let Attackers Hijack Crypto Wallets
Cybersecurity researchers have disclosed a now-fixed security flaw in the Rarible non-fungible token (NFT) marketplace that, if successfully exploited, could have led to account...
Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles
A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined...
GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts
DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control...
Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds
Three security vulnerabilities have been disclosed in the popular Wyze Cam devices that grant malicious actors to execute arbitrary code and access camera feeds...
New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers
A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers...