Lampion Banking Malware Reappears in WeTransfer Phishing Attacks
Lampion malware operators use the free file-sharing platform WeTransfer to perform phishing attacks. This way, attackers can avoid security alerts since they are tricking users into downloading from a trustworthy service. The malware [...]
High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices
A set of six high-severity firmware vulnerabilities impacting a broad range of HP Enterprise devices are still waiting to be patched, although some of them were publicly disclosed since July [...]
Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts
A zero-day flaw in a WordPress plugin known as BackupBuddy is being actively exploited, WordPress safety firm Wordfence has disclosed. BackupBuddy The BackupBuddy vulnerability impacts versions 8.5.8.0 through 8.7.4.1 and is under attack [...]
North Korean Lazarus hackers take aim at U.S. energy providers
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada [...]
Cisco Released Patches for Vulnerabilities Affecting Several Products
Cisco has released updates to address vulnerabilities affecting multiple products. The vulnerability, identified as CVE-2022-28199 (CVSS 8.6), is due to improper error handling in the network stack of DPDK, which enables a remote attacker to cause [...]
FHN 
