Dridex is a Trojan malware, also known as Bugat or Cridex, which is capable of stealing sensitive information from infected machines and delivering and executing malicious modules (dll).

The bug allowed someone to create and store fake vaccine credentials in their NYS Excelsior Pass Wallet that might allow them to gain access to physical spaces where they would not be allowed without a legitimate vaccine credential.

Four of the identified security holes impact the npm CLI when a malicious or untrusted npm package is installed and could lead to code execution even when using the –ignore-scripts argument.

Two healthcare organizations have begun sending out breach notification letters to thousands of people in California and Arizona after both revealed that sensitive information were accessed during recent cyberattacks.

Cisco this week released patches for multiple high-severity vulnerabilities in the IOS XR software and warned that attackers could exploit these bugs to reboot devices, elevate privileges, or overwrite and read arbitrary files.

In August of 2021, Lacework Labs identified a Linux variant of ChaChi, a customized variant of an open-source Golang based RAT that leverages DNS tunneling for C2 communication.

Currently in Android 12 Beta, Private Compute Core is an open source platform that aims to isolate itself from other apps and the main operating system on an Android device to improve privacy and security.

A newly discovered side-channel attack targeting Google Chrome can allow an attacker to overcome the web browser’s security defenses to retrieve sensitive information using a Spectre-style attack.

A mix of banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain are the target of a newly discovered Android trojan that could enable attackers to siphon personally identifiable information from infected devices.

Cybercriminals have broken into the computer network of the United Nations and made off with data, according to researchers at cybersecurity firm Resecurity. The report also said that the entry was gained through an employee’s Umoja account.