National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

f you are running an online discussion forum based on vBulletin software, make sure it has been updated to install a newly issued security patch that fixes a critical vulnerability.

A cybersecurity researcher uncovers a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports.

DigitalOcean, one of the biggest modern web hosting platforms, recently hit with a concerning data leak incident that exposed some of its customers’ data to unknown and unauthorized third parties.

Hackers have hidden malware in a legitimate two-factor authentication (2FA) app for macOS to distribute Dacls, a remote access trojan associated with the North Korean Lazarus group.

The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process.

Hackers are actively exploiting two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins with the end goal of remotely executing arbitrary code and fully compromising unpatched targets.

An advanced hacker group running cyber-espionage campaigns since at least 2010 has been operating stealthily over the past five years. They deliver a new backdoor called Aria-body and use victims’ infrastructure to carry attacks against other targets.

Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform.

Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert.