Hackers steal $120m from Badger Defi and $30m from MonoX

MonoX security breach was caused by a bug in smart contracts meanwhile Badger is still investigating the incident. Two DeFi projects BadgerDAO and MonoX are the latest victims of security…

What Is Privilege Escalation? Definition, Types and Examples

Privilege escalation might be a confusing cybersecurity term for many. That’s why in this article we’re going to shed a little bit more light on this topic. Keep reading to…

Threat Group Takes Aim Again at Cloud Platform Provider Zoho

Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio. State-backed adversaries expanded attacks against cloud platform company Zoho and its…

The In-house Zoho ServiceDesk Exploit Used to Drop Webshells

You may recall that we reported a while ago that state-backed advanced persistent threat (APT) organizations had been actively exploiting a significant hole in a Zoho single sign-on and password…

Mozilla properly fuzzed NSS and still ended up with a simple memory corruption hole

When it comes to fuzzing, Mozilla has plenty of cred, and has been doing so for some time, and yet, its prized Network Security Services (NSS) library was busted by…

80K Retail WooCommerce Sites Exposed by Plugin XSS Bug

The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts. The plugin “Variation Swatches for WooCommerce,” installed across 80,000…

Toss a Coin to your Helper (Part 2 of 2)

Avast –  Avast –  In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

HP Printer Hijack Bugs Impact 150 Models

HP Printer Hijack Bugs Impact 150 Models Security researchers have discovered two vulnerabilities in multi-function printers (MFPs) which impacted 150 product models. F-Secure security consultants Timo Hirvonen and Alexander Bolshev…

Printing Shellz: Critical bugs impacting 150 HP printer models patched

F-Secure HP has patched critical flaws impacting approximately 150 printer models.  Printers are usually connected to business networks — and potentially forgotten when it comes to security — so they…

Attackers exploiting Windows Installer vulnerability despite patching

According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator. A Windows Installer security vulnerability, tracked as CVE-2021-41379,…