This vulnerability affects Ghostscript versions ? 10.03.0 and can have a significant impact on web applications and services using Ghostscript for document conversion and previews.

The scammers identify previous scam victims and pose as trusted entities such as government agencies, cybersecurity firms, or fund recovery services, asking for upfront fees or personal information to supposedly help with the recovery process.

This vulnerability, tracked as CVE-2024-39884 and caused by a regression, can lead to unintentional exposure of sensitive data when legacy content-type configurations are used.

A new variant of Mallox ransomware has been discovered by cybersecurity researchers at Uptycs, targeting Linux systems with custom encryption and a builder web panel. A custom Python script called web_server.py is used to deliver the ransomware.

Splunk has released a set of security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including high-severity issues. CVE-2024-36985 allows remote code execution via External Lookup in Splunk Enterprise.

The company revealed that their corporate IT network, production environment, and TeamViewer connectivity platform are segmented to prevent unauthorized access. Immediate remediation measures were effective in blocking suspicious activity.

Cyble Research and Intelligence Labs (CRIL) has identified an increase in the exploitation of the Microsoft SmartScreen vulnerability (CVE-2024-21412) through an active campaign targeting regions like Spain, the US, and Australia.

Critical infrastructure providers are urging federal officials for more flexibility in reporting cyber incidents within the first 72 hours under the Cyber Incident Reporting for Critical Infrastructure Act.

Attackers can leverage the Jenkins Script Console to execute malicious Groovy scripts, leading to cybercriminal activities such as the deployment of cryptocurrency miners.