A Well-Known NPM Library Was Hijacked

User-Agent data is utilized by UA-Parser-JS in applications and webpages to determine the type of device or browser a user is using. A remote attacker might gain access to sensitive…

Tesco's website restored after suspected cyberattack

UK supermarket giant Tesco has restored access to its website and app after an outage struck the service on Saturday, preventing customers from ordering or cancelling deliveries until Sunday evening.…

Cisco SD-WAN Security Bug Allows Root Code Execution

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw. Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could allow…

This monster of a phishing campaign is after your passwords

Microsoft has detailed an unusual phishing campaign aimed at stealing passwords that uses a phishing kit built using pieces of code copied from other hackers’ work. A “phishing kit” is…

Introducing ATT&CK v10: More Objects, Parity and Features

Amy L. RobertsonOct 21 · 6 min read By Amy L. Robertson (MITRE), Alexia Crumpton (MITRE), and Chris Ante (MITRE) As announced a couple of weeks ago, we’re back with…

20+ Free Remote Desktop Software Tools You Need to Know

Remote desktop software is basically a computer program that lets you connect to another computer. The PC you will connect to is named “the host”, your PC from where you…

These hackers dodge Windows and target Linux as they look to steal phone data

A stealthy hacking group is infiltrating telecommunications companies around the world in a campaign which researchers have linked to intelligence gathering and cyber espionage.  The campaign, which has been active…

Best VPN for torrenting 2021

BitTorrent is a complex topic. As a technology, it’s perfectly legal. But what you do with it could be illegal. Before we dive into the legalities of torrenting, let’s do…

New Linux kernel memory corruption bug causes full system compromise

Researchers dubbed it a “straightforward Linux kernel locking bug” that they exploited against Debian Buster’s 4.19.0.13-amd64 kernel. In 2017, MacAfee researchers disclosed a memory corruption bug inside the Linux kernel’s UDP…

A Well-Known Bug Bounty Platform Wants Zero-day Exploits for Windows VPN Clients

Zerodium is a premium bug bounty platform created by cybersecurity specialists with zero-day exploit and vulnerability research experience. The goal of Zerodium is to gather together independent security researchers to…