Blog

Your blog category

Blog

TBK DVRs Botnet Attack

What is the Attack?Threat Actors are actively exploiting CVE-2024-3721, a command injection vulnerability in TBK DVR devices (Digital Video Recorders). This flaw allows unauthenticated remote code execution (RCE) via crafted HTTP requests to the endpoint. The compromised devices are being conscripted into a botnet capable of conducting DDoS attacks.If successfully exploited, there is a potential…

Read More TBK DVRs Botnet Attack
Blog

Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast

The bug is one of 66 disclosed and patched today by Microsoft as part of its June 2025 Patch Tuesday set of security vulnerability fixes.

Read More Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast
Blog

PoC Code Escalates Roundcube Vuln Threat

The flaw allows an authenticated attacker to gain complete control over a Roundcube webmail server.

Read More PoC Code Escalates Roundcube Vuln Threat
Blog

Red Canary Expands AI Innovations to Cut Alert Overload

Post Content

Read More Red Canary Expands AI Innovations to Cut Alert Overload
Blog

GitHub: How Code Provenance Can Prevent Supply Chain Attacks

Through artifact attestation and the SLSA framework, GitHub’s Jennifer Schelkopf argues that at least some supply chain attacks can be stopped in their tracks.

Read More GitHub: How Code Provenance Can Prevent Supply Chain Attacks
Blog

Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps

Adobe on Tuesday pushed security updates to address a total of 254 security flaws impacting its software products, a majority of which affect Experience Manager (AEM). Of the 254 flaws, 225 reside in AEM, impacting AEM Cloud Service (CS) as well as all versions prior to and including 6.5.22. The issues have been resolved in…

Read More Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps
Blog

Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud

Cybersecurity researchers have uncovered over 20 configuration-related risks affecting Salesforce Industry Cloud (aka Salesforce Industries), exposing sensitive data to unauthorized internal and external parties. The weaknesses affect various components like FlexCards, Data Mappers, Integration Procedures (IProcs), Data Packs, OmniOut, and OmniScript Saved Sessions. “Low-code platforms such as

Read More Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
Blog

United Natural Food’s Operations Limp Through Cybersecurity Incident

It’s unclear what kind of cyberattack occurred, but UNFI proactively took certain systems offline, which has disrupted the company’s operations.

Read More United Natural Food’s Operations Limp Through Cybersecurity Incident
Blog

FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware

The financially motivated threat actor known as FIN6 has been observed leveraging fake resumes hosted on Amazon Web Services (AWS) infrastructure to deliver a malware family called More_eggs. “By posing as job seekers and initiating conversations through platforms like LinkedIn and Indeed, the group builds rapport with recruiters before delivering phishing messages that lead to…

Read More FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware
Blog

Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users

Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that’s being propagated via fraudulent gaming websites. “Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing malicious code in the background,” Trellix security researchers Niranjan Hegde, Vasantha Lakshmanan

Read More Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users