Vulnerabilities
- ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models
- Critical Vulnerability in Trellix IPS Manager Flaw Allows Remote Code Execution
- Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
- VMware fixes critical vCenter RCE vulnerability, patch now
- Chrome Security Update – Patch for 6 Vulnerabilities
TTP
- Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer
- New Satanstealer Malware Steals Browser Cookies and Passwords
- Fake Google Chrome errors trick you into running malicious PowerShell scripts
- Beware Of Malicious Search Results Leading To SolarMarker Malware Installation
- Hackers Using Weaponized Word Documents In QR Code Phishing Attacks
Breaches
- Total Fitness Exposes 500k Images of Members & Staff
- Scathing report on Medibank cyberattack highlights unenforced MFA
- AMD is investigating claims of stolen company data
- Amtrak Data Breach: Hackers Accessed User’s Email Address
- IntelBroker Claiming Leak of Apple’s Internal Tools
Note worthy
Miscellaneous
- Adobe’s new terms of service say it won’t use your work to train AI
- Microsoft Reconsiders Windows Recall Release Amidst Privacy Concerns
- Microsoft says bug causes Windows 10 apps to display Open With dialogs
- Software giant Adobe accused of ‘trapping customers’
- Microsoft Recommends ‘Always On VPN’ As It Deprecates Windows DirectAccess
- YouTube Introduces Experimental ‘Notes’ for Users To Add Context To Videos
- BadSpace Malware Attacking Users By Leveraging High-Ranking Infected Websites
- Signal Foundation Warns Against EU's Plan to Scan Private Messages for CSAM