Several platform certificates, belonging to LG Electronics, Revoview, Mediatek, and Samsung Electronics, were found being abused by threat actors to sign malicious Android apps. Google recommends vendors minimize the number of applications signed with the platform certificate to lower the cost of p ... Read More

Patches for this vulnerability have been included in Chrome 108.0.5359.94 for Mac and Linux, and in Chrome 108.0.5359.94/.95 for Windows. Users are advised to update to a patched iteration as soon as possible.

Cyble research team has unearthed a new MaaS operation dubbed DuckLogs. It reportedly offers beginners and other cyber attackers easy access to malicious modules. DuckLogs mainly includes an information stealer and a RAT component. The malware is most likely distributed using spam or phishing email ... Read More

According to Kaspersky, the malware masquerades as ransomware, but the analysis of the code demonstrates that it does not actually encrypt, but only destroys data in the infected system.

The apps were discovered by Dr. Web antivirus and pretend to be useful utilities and system optimizers but, in reality, are the sources of performance hiccups, ads, and user experience degradation.

The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution.

The threat actors were observed spreading fake cryptocurrency apps under the fake brand BloxHolder to deliver the AppleJeus malware for initial access to networks and steal crypto assets.

Schoolyard Bully Trojan, a new Android threat campaign, victimized over 300,000 users across 71 countries. The malware steals Facebook credentials pretending to be educational apps. Experts found 37 apps associated with this campaign and these are actively being distributed via third-party app stor ... Read More

Qualys’ Threat Research Unit has shown how a new Linux vulnerability could be chained with two other apparently harmless flaws to gain full root privileges on an affected system.

Researchers at industrial cybersecurity firm Nozomi Networks have discovered three vulnerabilities in Mitsubishi Electric’s GX Works3 engineering workstation software that could be exploited to hack safety systems.