Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Microsoft expands Recall preview to Intel and AMD Copilot+ PCs
Description: ​Microsoft is now testing its AI-powered Recall feature on AMD and Intel-powered Copilot+ PCs enrolled in the Windows 11 Insider program. [...]
Source: BleepingComputer
December 6th, 2024 (5 months ago)
Ultralytics AI model hijacked to infect thousands with cryptominer
Description: The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI)   [...]
Source: BleepingComputer
December 6th, 2024 (5 months ago)
New Windows zero-day exposes NTLM credentials, gets unofficial patch
Description: A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. [...]
Source: BleepingComputer
December 6th, 2024 (5 months ago)
Blue Yonder SaaS giant breached by Termite ransomware gang
Description: ​The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. [...]
Source: BleepingComputer
December 6th, 2024 (5 months ago)
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
Description: A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of Toronto's Citizen Lab. "The spyware placed on his device allows the operator to track a target device's
Source: TheHackerNews
December 6th, 2024 (5 months ago)
Crypto-stealing malware posing as a meeting app targets Web3 pros
Description: Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...]
Source: BleepingComputer
December 6th, 2024 (5 months ago)
Why SOC Roles Need to Evolve to Attract a New Generation
Description: The cybersecurity industry faces a growing crisis in attracting and retaining SOC analysts.
Source: Dark Reading
December 6th, 2024 (5 months ago)
Conquering the Complexities of Modern BCDR
Description: The modern business landscape is thrilling yet daunting. Rapidly evolving technology, persistent cyberthreats and escalating operational complexities make data protection and seamless business continuity challenging for businesses of all sizes. Your organization needs robust security measures that go beyond traditional backup solutions to address the intricacies of today’s complex IT ecosystems.
Source: TheHackerNews
December 6th, 2024 (5 months ago)
Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks
Description: Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month. Unlike the first
Source: TheHackerNews
December 6th, 2024 (5 months ago)
More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader
Description: The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation. This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using VenomLNK, a staple tool that serves as an initial access vector for the deployment of follow-on
Source: TheHackerNews
December 6th, 2024 (5 months ago)