Node.js has published fixes for a high severity vulnerability that might be exploited by attackers to corrupt the process and cause unexpected behavior, such as application crashes and possibly remote code execution (RCE). CVE-2021-22930 is a us... Read more
A data breach on the City of Geneva’s website and online data systems occurred early one morning in July. The City’s data was posted on a dedicated leak site by a second ransomware organization two days later. This ransomware or... Read more
In its investigation of the LemonDuck malware, which is known for installing crypto-miners in enterprise systems, Microsoft has made further progress. A compelling argument is made for why you should remove it from your network. In addition to h... Read more
A new strain of LockBit ransomware has been uncovered that encrypts a Windows domain automatically. LockBit 2.0 ransomware, which was recently found, has a number of complex capabilities and is now exploiting Active Directory group restrictions.... Read more
The approach used by a strain of macOS malware to collect login credentials from various apps, allowing its operators to steal log-in credentials, has been revealed by security researchers. The malware, dubbed XCSSET, has been infecting loc... Read more