Cybersecurity experts have found a new information stealer targeting Apple macOS computers that is intended to establish persistence on compromised hosts and function as spyware.
Kandji’s malware, dubbed Cuckoo, is a universal Mach-O binary that can execute on both…
The U.S. government, through a joint advisory from the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Department of State, has issued a cybersecurity alert regarding the activities of North Korean threat actors. These actors are employing…
Google Passkeys have taken the cybersecurity world by storm, with over 400 million accounts now utilizing this innovative authentication method. Introduced by Google two years ago, passkeys offer a seamless and secure alternative to traditional passwords, relying on…
The United Kingdom’s National Cyber Security Centre (NCSC) has taken a groundbreaking step in cybersecurity by implementing the Product Security and Telecommunications Infrastructure (PSTI) act, effective April 29, 2024. This legislation mandates that manufacturers of…
Okta, an identity and access management (IAM) services provider, has issued a warning about an increase in the “frequency and scale” of credential stuffing attacks against online services.
These extraordinary attacks, noticed over the last month, are believed to…
Injustice Unveiled: Faulty Facial Recognition AI Leads to Wrongful Arrest of Innocent Black Woman
April 28, 2024
Last summer in Detroit, Michigan, police arrested Porcha Woodruff, a Black woman, based on flawed identification by an AI program. Despite the case being dismissed, Woodruff’s wrongful arrest remains on public record, highlighting a grave flaw in facial recognition…
Breaking News: Ukraine Under Siege Cyberattack Exploits Ancient Microsoft Office Vulnerability
April 27, 2024
Cybersecurity researchers have uncovered a targeted cyber operation against Ukraine that exploits a nearly seven-year-old vulnerability in Microsoft Office to deploy Cobalt Strike on infected systems.
The attack chain, reported by Deep Instinct, commenced in late 2023 and…
A recent cybersecurity revelation sheds light on an ongoing social engineering scheme aimed at software developers, utilizing deceptive npm packages disguised as job interview opportunities to deploy a Python backdoor.
Securonix, a cybersecurity firm, has identified the…
Two zero-day vulnerabilities in Cisco networking equipment were used by a recent malware campaign to distribute bespoke malware and enable surreptitious data collecting on target environments.
Cisco Talos, which gave the activity the moniker “ArcaneDoor,” claimed…