Author: Amey Anekar

Critical Software Supply Chain Bugs in TeamCity JetBrains has released patches for two critical vulnerabilities (CVE-2024-27198 and CVE-2024-27199) in its TeamCity software, allowing attackers to gain administrative control over on-premises servers. Rapid7 reported the flaws,

GitHub Under Attack by Malicious Repositories GitHub is facing an ongoing attack where millions of malware-laced repositories are being flooded onto the platform. These repositories contain obfuscated malware that steals passwords and cryptocurrency. The attack

Apple Warns of Increased iPhone Security Risks Due to EU Competition Laws Apple is warning European customers that new EU competition laws will make iPhones less safe as the company is forced to open up

Facebook Patches A 0-Click Account Takeover Vulnerability The user discovered a rate-limiting issue in a specific endpoint of Facebook’s password reset flow that could have allowed the takeover of any Facebook account through brute-forcing a

70% Increase In Public Ads Selling 0-day Exploits Security researchers have observed a rise in threat actors utilizing zero-day exploits to enhance targeted attacks, with a 70% increase in public ads selling such exploits between

Patches issued for Zyxel firewall product vulnerabilities Zyxel has released patches to address four vulnerabilities in their firewall and access point offerings, including null pointer deference, post-authentication command injection, and format string security issues. Threat

LockBit Ransomware Group Resurfaces After Law Enforcement Takedown The LockBit ransomware group has resurfaced on the dark web with new infrastructure after an international law enforcement operation seized its servers. The group has moved its

Apple Shortcuts Vulnerability Allows Silent Data Theft A critical vulnerability (CVE-2024-23204) in Apple’s Shortcuts app allows attackers to access sensitive data without user permission, bypassing Apple’s security framework. The bug affects macOS and iOS devices

Wyze Connected Cameras Mistakenly Send Feeds to Wrong Users Wyze cameras experienced a cybersecurity incident where 13,000 users received camera images and feeds that were not theirs, allowing unintentional spying. This is the second time

Apple Introduces PQ3 for iMessage to Combat Quantum Threats Apple has unveiled PQ3, a post-quantum cryptographic protocol for iMessage, designed to secure messages against future quantum computing attacks. This protocol places iMessage at ‘level 3’