Aggregator

A vulnerability, which was classified as critical, was found in Mozilla Thunderbird up to 102. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2022-2505. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 103. It has been rated as critical. This issue affects some unknown processing of the component XSLT Error Handler. The manipulation leads to clickjacking. The identification of this vulnerability is CVE-2022-38472. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 102.1 and classified as critical. This issue affects some unknown processing of the component XSLT Error Handler. The manipulation leads to clickjacking. The identification of this vulnerability is CVE-2022-38472. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Inhabit Move CRM 4 Build 260. Affected is an unknown function of the component User Profile Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2022-43271. It is possible to launch the attack remotely. There is no exploit available.

The recent ransomware breach tied to ICICI Bank—claimed by the LockBit group—has raised fresh concerns about the fragility of digital ecosystems and third-party risk. While official confirmations remain limited, leaked files and dark web chatter suggest that attackers accessed systems through a vendor relationship and exfiltrated over 3 TB of sensitive data, including customer records

The post ICICI Bank Ransomware Breach: A Stark Reminder of Supply Chain Risk and the Need for Real-Time Cyber Vigilance appeared first on Seceon Inc.

The post ICICI Bank Ransomware Breach: A Stark Reminder of Supply Chain Risk and the Need for Real-Time Cyber Vigilance appeared first on Security Boulevard.

The cryptocurrency sector has always been a magnet for cybercriminals, but the TraderTraitor campaign marks a different kind of threat—one backed by state-sponsored actors with long-term goals and surgical precision. Allegedly linked to North Korea’s Lazarus Group, this campaign wasn’t just about breaking into wallets. It was about exploiting trust, manipulating human behavior, and moving

The post The TraderTraitor Crypto Heist: Nation-State Tactics Meet Financial Cybercrime appeared first on Seceon Inc.

The post The TraderTraitor Crypto Heist: Nation-State Tactics Meet Financial Cybercrime appeared first on Security Boulevard.

Linux cyber threats are less widespread than Windows ones yet it can make them even more dangerous. Underestimated and under-anticipated, they stab endpoints and networks in the back, bringing operational disruption and financial loss. It’s true that individual desktop users are less targeted by Linux-specific malware, than that tailored for Windows systems. Although they still […]

The post How and Why Threat Hunting Teams Investigate Linux Malware Attacks appeared first on Cyber Security News.

A vulnerability has been found in Adobe Experience Manager and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-20768. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Adobe Experience Manager and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2024-26126. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Adobe Experience Manager. It has been classified as problematic. This affects an unknown part. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-26127. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Adobe Premiere Pro. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2024-20745. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability classified as critical has been found in Adobe Premiere Pro. Affected is an unknown function. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2024-20746. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Adobe Experience Manager. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-26051. The attack can be initiated remotely. There is no exploit available.

What began as a trickle of spammy messages has evolved into a sophisticated and dangerous phishing campaign. The Smishing Triad, an active cybercriminal group, is behind a surge of SMS-based phishing attacks (smishing) targeting organizations across sectors—from healthcare to logistics to finance. Their focus? Gaining access to internal portals and enterprise email accounts by exploiting

The post The Smishing Triad Surge: Text-Based Threats Are Getting Smarter, Not Simpler appeared first on Seceon Inc.

The post The Smishing Triad Surge: Text-Based Threats Are Getting Smarter, Not Simpler appeared first on Security Boulevard.

The recent Salt Typhoon breach targeting telecom infrastructure isn’t just another headline—it’s a warning shot to every service provider that uptime and connectivity aren’t enough. This sophisticated campaign, attributed to Chinese state-sponsored actors, illustrates how telecom networks are now being leveraged not just for disruption but for surveillance, espionage, and long-term data access. What makes

The post The Salt Typhoon Telecom Breach: When Network Access Becomes National Exposure appeared first on Seceon Inc.

The post The Salt Typhoon Telecom Breach: When Network Access Becomes National Exposure appeared first on Security Boulevard.

A vulnerability classified as critical was found in Adobe Bridge. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2024-20752. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as very critical, was found in Adobe Bridge. This affects an unknown part. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-20756. Attacking locally is a requirement. There is no exploit available.

A vulnerability has been found in Adobe Bridge and classified as problematic. This vulnerability affects unknown code. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-20757. It is possible to launch the attack on the local host. There is no exploit available.