Digital threat researchers at Citizen Lab have uncovered a new zero-click iMessage exploit used to deploy NSO Group’s Pegasus spyware on devices belonging to Bahraini activists.

Upstream’s Series C funding was led by Mitsui Sumitomo Insurance and was joined by new investors I.D.I. Insurance, 57 Stars’ NextGen Mobility Fund, and La Maison Partners.

Threat actors can evade detection using filename matching by renaming the binary executable, as the side-loading technique will remain viable regardless of the name of the executable.

Lojas Renner, Brazil’s largest clothing department store chain, said it suffered a ransomware attack that impacted its IT infrastructure and resulted in the unavailability of some of its systems, including its official web store.

Along with this increased volume of online shopping, a new trend of phishing attacks is doing rounds where cybercriminals impersonate parcel delivery companies in an attempt to steal financial details from their victims.

More than a thousand web apps mistakenly exposed 38 million records on the open internet, including data from a number of Covid-19 contact tracing platforms, vaccination sign-ups, job application portals, and employee databases.

Organizations using security appliances from Sophos have been advised to make sure their devices are up to date after a researcher disclosed the details of a critical vulnerability patched last year.

A colossal, as well as bizarre crypto heist story seems to have reached its end. Poly Network, a DeFi platform, announced the hacker that stole over $600 million in one of the largest crypto heists had returned control of the money.

AT&T Alien Labs has recently discovered a cluster of Linux ELF executables that have low or zero anti-virus detections in VirusTotal though their internal threat analysis systems have flagged them as malicious.

Three so-called “ProxyShell” vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the Cybersecurity and Infrastructure Security Agency (CISA) warned over the weekend.