- Cybersecurity News:
- Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts [Ravie Lakshmanan, The Hacker News]
- A proxyjacking campaign is looking for vulnerable SSH servers [Pieter Arntz, malwarebytes Labs]
- Siemens Energy, Schneider Electric Targeted by Ransomware Group in MOVEit Attack [Eduard Kovacs, Security week]
- Beware: New ‘Rustbucket’ Malware Variant Targeting macOS Users [Ravie Lakshmanan, The Hacker News]
- Android users at risk as banking trojan targets more apps [Kurt Knutsson, Fox News]
- Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data [Ravie Lakshmanan, The Hacker News]
- Breaches & Leaks:
- Cyberattack exposes data on nearly 9K American and Southwest Airlines pilot applicants [Matt Kapko, Cybersecurity Dive]
- Apple chip supplier confirms data breach, hackers claim $70 million ransomware [The times of India, The times of India]
- TSMC confirms supplier data breach following ransom demand by Russian-speaking cybercriminal group [Sean Lyngaas, CNN]
- Vulnerabilities & Patches:
- A proxyjacking campaign is looking for vulnerable SSH servers [Pieter Arntz, malwarebytes Labs]
- Update Your iPhone Right Now to Fix 2 Apple Zero Days | WIRED [WiredAndrew Couts, Wired]
- Microsoft Teams bug allows malware delivery from external accounts [Bill Toulas, Bleeping Computer]
- MITRE releases new list of top 25 most dangerous software bugs [Sergiu Gatlan, Bleeping Computer]
- New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks [Ravie Lakshmanan, The hacker news]
- Exploit released for new Arcserve UDP auth bypass vulnerability [Sergiu Gatlan, Bleeping Computer]
- Details Disclosed for Critical SAP Vulnerabilities, Including Wormable Exploit Chain [Eduard Kovacs, Security week]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F
![[TI: logo for TI accredited teams]](../assets/img/TI-Accredited_120x120.jpg)
![[FIRST.org Logo]](../assets/img/first-org-simple.png)