Telegram trading bot Solareum shutters days after $520K exploit 2024-04-02 at 10:01 By Cointelegraph by Martin Young The team cited insufficient funds, evolving market trends, and a recent security breach for its closure. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:
React to this headline:
Telegram trading bot Solareum shutters days after $520K exploit Read More »
Prisma Finance says $540K still at risk, hacker demands team reveal themselves 2024-04-01 at 05:02 By Cointelegraph by Brayden Lindrea The decentralized borrowing protocol said there were still 14 accounts that have yet to revoke the affected smart contract that caused $11.6 million to be exploited last week. This article is an excerpt from Cointelegraph.com
React to this headline:
Prisma Finance says $540K still at risk, hacker demands team reveal themselves Read More »
Zero-day exploitation surged in 2023, Google finds 2024-03-28 at 17:17 By Zeljka Zorz 2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries (libvpx, ImagelO) and drivers (Mali GPU, Qualcomm Adreno GPU), as they can affect multiple products and effectively offer more possibilities for attack. Another interesting conclusion from
React to this headline:
Zero-day exploitation surged in 2023, Google finds Read More »
Hacker mints 1B tokens in $16M Curio smart contract exploit 2024-03-26 at 14:02 By Cointelegraph by Ezra Reguerra Curio said it will conduct a fund compensation program for affected liquidity providers, which could potentially take up to one year to complete. This article is an excerpt from Cointelegraph.com News View Original Source React to this
React to this headline:
Hacker mints 1B tokens in $16M Curio smart contract exploit Read More »
Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware 2024-03-21 at 12:01 By Helga Labus Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024-27198, an authentication bypass vulnerability affecting the TeamCity
React to this headline:
Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware Read More »
$200,000 Awarded at Pwn2Own 2024 for Tesla Hack 2024-03-21 at 11:46 By Eduard Kovacs Participants earned a total of $732,500 on the first day of Pwn2Own Vancouver 2024 for hacking a Tesla, operating systems, and other software. The post $200,000 Awarded at Pwn2Own 2024 for Tesla Hack appeared first on SecurityWeek. This article is an
React to this headline:
$200,000 Awarded at Pwn2Own 2024 for Tesla Hack Read More »
Old Dolomite exchange contract suffers $1.8M loss from approval exploit 2024-03-21 at 00:01 By Cointelegraph by Christopher Roark The Ethereum version of Dolomite suffered a $1.8 million exploit, and the team is warning users to revoke approvals for this old address. This article is an excerpt from Cointelegraph.com News View Original Source React to this
React to this headline:
Old Dolomite exchange contract suffers $1.8M loss from approval exploit Read More »
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) 2024-03-19 at 14:01 By Helga Labus Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra FileCatalyst is an enterprise managed file transfer (MFT) software solution that includes several components: FileCatalyst Direct, Workflow, and
React to this headline:
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) Read More »
Mozaic Finance hacked for $2.4M via private key compromise 2024-03-15 at 23:17 By Cointelegraph by Christopher Roark The yield farming app was exploited through a possible private key compromise, according to a CertiK report. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:
React to this headline:
Mozaic Finance hacked for $2.4M via private key compromise Read More »
NetMind platform ‘has not been compromised,’ claims team after miner hack FUD 2024-03-15 at 20:04 By Cointelegraph by Christopher Roark NetMind AI claimed that the token crash was caused by an individual miner being hacked, not by a platform-wide exploit. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:
React to this headline:
NetMind platform ‘has not been compromised,’ claims team after miner hack FUD Read More »
CGSI Probes: ShadowSyndicate Group’s Possible Exploitation of Aiohttp Vulnerability (CVE-2024-23334) 2024-03-15 at 11:01 By neetha871ad236bd CGSI captures potential exploitation of an Aiohttp vulnerability by the ShadowSyndicate Group. The post CGSI Probes: ShadowSyndicate Group’s Possible Exploitation of Aiohttp Vulnerability (CVE-2024-23334) appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to
React to this headline:
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) 2024-03-14 at 13:00 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as
React to this headline:
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) Read More »
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware 2024-03-12 at 11:01 By Helga Labus A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connect Secure VPN flaws that are widely
React to this headline:
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware Read More »
DeFi protocol Unizen to provide ‘immediate reimbursement’ after $2.1M hack 2024-03-11 at 11:01 By Cointelegraph by Ezra Reguerra DeFi protocol Unizen announced that it will issue an immediate refund to users who lost their funds to an exploit this weekend. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:
React to this headline:
DeFi protocol Unizen to provide ‘immediate reimbursement’ after $2.1M hack Read More »
JetBrains TeamCity Authentication Bypass vulnerability under Active Exploitation 2024-03-07 at 12:25 By neetha871ad236bd Cyble Global Sensor Intelligence observes active exploitation of JetBrains TeamCity Authentication Bypass vulnerability. The post JetBrains TeamCity Authentication Bypass vulnerability under Active Exploitation appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:
React to this headline:
JetBrains TeamCity Authentication Bypass vulnerability under Active Exploitation Read More »
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) 2024-02-26 at 13:36 By Zeljka Zorz The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads. About ConnectWise ScreenConnect ConnectWise ScreenConnect is a remote desktop solution consisting of server and client
React to this headline:
CVE count set to rise by 25% in 2024 2024-02-26 at 07:00 By Help Net Security The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 vulnerabilities, equivalent to approximately 2,900 per month. Sharp CVE increase heightens software vulnerability concerns Vulnerabilities
React to this headline:
CVE count set to rise by 25% in 2024 Read More »
The old, not the new: Basic security issues still biggest threat to enterprises 2024-02-23 at 08:01 By Help Net Security In 2023, cybercriminals saw more opportunities to “log in” versus hack into corporate networks through valid accounts – making this tactic a preferred weapon for threat actors, according to IBM’s 2024 X-Force Threat Intelligence Index.
React to this headline:
The old, not the new: Basic security issues still biggest threat to enterprises Read More »
Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) 2024-02-22 at 12:31 By Zeljka Zorz The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newer version of ScreenConnect
React to this headline:
Attack velocity surges with average breakout time down to only 62 minutes 2024-02-22 at 07:31 By Help Net Security The speed of cyberattacks continues to accelerate at an alarming rate, according to CrowdStrike. Adversaries increasingly exploit stolen credentials The speed of cyberattacks continues to accelerate at an alarming rate. The report indicates that the average
React to this headline:
Attack velocity surges with average breakout time down to only 62 minutes Read More »