A remote code execution (RCE) attack chain caused due to a local file inclusion bug in the developer blogging platform Hashnode has been disclosed by security researchers.

Nine of the externally reported security holes are rated high severity, the majority of which are use-after-free bugs affecting components such as Cast UI, Omnibox, Views, WebShare, and Media.

In comparison to organizations, consumers are less secure, have fewer resources, and sometimes miss having a reliable antivirus solution.

Security researcher Wladimir Palant discovered a “trivial” bug in the Skype-for-Chrome extension that allowed websites to ascertain information about user accounts that should typically be off-limits.

After months of inactivity, operators behind the TrickBot malware botnet appear to went offline with their server infrastructure. Its TTPs were becoming highly detectable. Going by experts, the decline in the volume of the Trickbot campaigns is accompanied by the fact that its operators are working with Emotet malware. Organizations must equip themselves with reliable threat […]

A large-scale campaign involving over 200 phishing and scam sites has tricked users into giving their personal data to fake investments schemes impersonating genuine brands.

Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that could allow an attacker to inject JavaScript or SQL code on the targeted device.

While legitimate concerns grow about the Russian-Ukrainian conflict sparking a far-reaching cyberwarfare activity around the globe, small-time crooks are also ramping up their efforts amid the crisis.

European police forces are claiming another win after busting a suspected cybercrime gang that used the dark web to distribute counterfeit ID documents for migrant smugglers.

The vulnerability affects all versions from 12.10 to 14.6.4, all versions starting from 14.7 to 14.7.3, and all versions starting from 14.8 to 14.8.1, according to a security advisory from GitLab.