data breaches

The high-severity CVE-2024-6387 in OpenSSH is a reintroduction of a 2006 flaw, and it allows unauthenticated RCE as root. Read More  

The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals. Read More  

Although not yet exploited in the wild, the max-critical authentication bypass bug could allow adversaries to take over unpatched Juniper Session Smart Routers and Conductors, and WAN Assurance Routers, the…

A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and

Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade. Read More  

Analysts say Apple's black-box approach provides a blueprint for rival chip makers and cloud providers. Read More  

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Read More  

To be effective, managing risk demands both fast responses and strategic thinking. Read More  

The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex

[[{"value":"This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full  Story in The Independent Sausalito, Calif. – Jul. 291, 2024 Unless you live off-grid and offline,…