Month: February 2023

Organizations will often try to patch their systems “on time” in order to be secure from new threats. In this context, “on time” will mean different things to different organizations...

Threat actors are targeting Bitwarden through Google ads phishing campaigns in order to steal users’ password vault credentials. A spoof version of Bitwarden was expertly created to look exactly like...

In the world of Linux distributions, or “distros,” the lifecycle of a distribution refers to the period during which the distribution receives security updates and support from the manufacturer’s development...

DDoS attacks on German airports, banks, and government agencies have been blamed on Killnet, a self-proclaimed Russian hacktivist group. DDoS is a distributed denial-of-service (DDoS) attack that uses a flood...

PALO ALTO, Calif. – February 8, 2023 – TuxCare,, a division of CloudLinux Inc, the main sponsoring company of the AlmaLinux OS Project, today announced the general availability of its...

According to the Trellix research team, they patched nearly 62,000 open-source projects that were vulnerable to a 15-year-old path traversal vulnerability in the Python programming ecosystem. The organization stated that...

There is one vulnerability exploited every 2 hours and attackers can cause significant disruption, downtime, and revenue loss. Before divulging into the cloud patching know-how, it’s imperative to learn about...

Palo Alto Networks Unit 42 security researchers investigated a PlugX malware variant that can hide malicious files on removable USB devices and then infect the Windows hosts to which they...

Akamai researchers have published a proof-of-concept (PoC) for a vulnerability in a Microsoft tool that enables the Windows application development interface to deal with cryptography. The vulnerability, CVE-2022-34689, was discovered...

PALO ALTO, Calif. – February 3, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced that its KernelCare Enterprise Live Patching has been integrated as an...

Ermetic researchers discovered EmojiDeploy, a cross-site request forgery (CSRF) bug in Microsoft Azure services that could allow attackers to remotely execute code on affected systems. According to the company’s blog...

Chinese hackers were discovered using a recently discovered flaw in Fortinet’s FortiOS software as a zero-day vulnerability to distribute malware. CVE-2022-42475 (CVSS score of 9.8) is a buffer overflow vulnerability...