Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical of that country’s government. The human rights organization first called out Serbian authorities in December for what it said was its “pervasive and routine… Read More »
Getty Images reader comments 24 Malicious hackers likely working on behalf of the Chinese government have been exploiting a high-severity zero-day vulnerability that allowed them to infect at least four US-based ISPs with malware that steals credentials used by downstream customers, researchers said Tuesday. The vulnerability resides in the Versa Director, a virtualization platform that… Read More »
Getty Images reader comments 9 Threat actors carried out zero-day attacks that targeted Windows users with malware for more than a year before Microsoft fixed the vulnerability that made them possible, researchers said Tuesday. The vulnerability, present in both Windows 10 and 11, causes devices to open Internet Explorer, a legacy browser that Microsoft decommissioned… Read More »
Enlarge / APT37, a group believed to be backed by the North Korean government, has found success exploiting the bits of Internet Explorer still present in various Windows-based apps. Aurich Lawson | Getty Images reader comments 22 with 0 posters participating Share this story Microsoft’s Edge browser has replaced Internet Explorer in almost every regard,… Read More »
Enlarge / It’s a good time to restart or update Chrome—if your tabs love you, they’ll come back. Getty Images reader comments 34 with 26 posters participating Share this story Google announced an update on Wednesday to the Stable channel of its Chrome browser that includes a fix for an exploit that exists in the… Read More »
reader comments 8 with 8 posters participating Share this story Imagine having unlimited attempts to guess someone’s username and password without getting caught. That would make an ideal scenario for a stealthy threat actor—leaving server admins with little to no visibility into the attacker’s actions, let alone the possibility of blocking them. A newly discovered… Read More »