MUST READ. Malware-laced JAVS Viewer deploys RustDoor implant in supply chain attack.
Sweden's liquor supply severely impacted by ransomware attack on logistics company.
Microsoft fixed two zero-day bugs exploited in malware attacks.
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware.
Fujitsu suffered a malware attack and probably a data breach.
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware.
LockBit ransomware gang claims the attack on the sandwich chain Subway.
Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies.
Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware.
North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack.
Exposed Kubernetes configuration secrets can fuel supply chain attacks.
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies.
Critical Confluence flaw exploited in ransomware attacks.
iLeakage attack exploits Safari to steal data from Apple devices.
Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks.
Apple fixed the 17th zero-day flaw exploited in attacks.
Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks.
Ukrainian hackers are behind the Free Download Manager supply chain attack.
This Cyber News was published on securityaffairs.com. Publication date: Sun, 26 May 2024 19:13:08 +0000