These days, robo and spam calls and texts have been getting out of control. Whether it’s a message about unknown subscriptions with suspicious links, or a spam call from a scammer hoping to trick you into buying something or handing over your personal information. A robocall is a call made with an automated or prerecorded…

Continue Reading

A new application disguised as malware has been making rounds in the Google Play Store, being downloaded over 100,000 times in less than 2 weeks. Researchers at Cyfirma have analyzed this new “SpyLend” malware, part of the SpyLoan group of applications which are disguised as applications for financial services such as management or lending targeting…

Continue Reading

New updates have been released for OpenSSH, the widely used Secure Shell protocol commonly used for connecting to and logging in to remote machines, which a vulnerability recently discovered allowed the possibility for machine-in-the-middle (MITM) attacks and denial of service (DOS) attacks. Researches with Qualysis’ Threat Research Unit recently reported the vulnerabilities affecting both a…

Continue Reading

Prometheus, a widely used open-source monitoring and alerting toolkit, has been found to have serious vulnerabilities that could allow cybercriminals to steal sensitive data, run malicious code, or even launch denial-of-service (DoS) attacks. Prometheus is a powerful tool designed to record, query and visualize real-time metrics from systems, containers, and applications. Researches from Aqua Security…

Continue Reading

A serious security vulnerability has been discovered in the Hunk Companion plugin for WordPress, affecting versions before 1.9.0. Researches at WPScan found the vulnerability of the Hunk Companion, a plugin used for themes by ThemeHunk, through a failed validation from a hardlink within the plugin’s code to WordPress’ plugin repository. The vulnerability allows unauthenticated requests…

Continue Reading

A new update has been released by Apache to address a critical Remote Code Execution (RCE) vulnerability affecting the open-source Apache Struts framework. Apache Struts is widely used for developing modern Java web applications, making this vulnerability a significant concern for developers. Vulnerabilities The security vulnerability (CVE-2024-53677) impacts Apache Struts versions: With a CVSS (Common…

Continue Reading

Apple has rolled out its iOS 18.2, iPadOS 18.2 and macOS 15.2 updates with a whole set of new features for its Apple AI Intelligence, along with several critical security patches across a wide range of devices. This new update brings optimizations, AI, and enhancements to privacy and security resolving issues that could have allowed…

Continue Reading