Alerts

Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.

Cybersecurity Architecture
Google fixes Android kernel zero-day exploited in targeted attacks
Google fixes Android kernel zero-day exploited in targeted attacks

6 Aug 2024

The zero-day, tracked asCVE-2024-36971, is a use after free (UAF) weakness in the Linux kernel’s network route management. It requires System execution privileges for successful exploitation and allows altering the behavior of certain network connections.

Read More
WhatsApp for Windows lets Python, PHP scripts execute with no warning
WhatsApp for Windows lets Python, PHP scripts execute with no warning

30 Jul 2024

A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them.

Read More
Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread
Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread

29 Jul 2024

A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year.

Read More
CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices

24 Jul 2024

Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of awidespread outagelate last week.

Read More
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide

19 Jul 2024

Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike.

Read More
SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software
SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software

19 Jul 2024

SolarWinds hasaddresseda set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code.

Read More
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks

16 Jul 2024

JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker Hub.

Read More
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

12 Jul 2024

Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover.

Read More
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk

10 Jul 2024

Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).

Read More
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

10 Jul 2024

Jenkins, a popular continuous integration and continuous delivery (CI/CD) platform, features a Groovy script console that allows users to run arbitrary Groovy scripts within the Jenkins controller runtime.

Read More
Google Address Critical Flaws in Android
Google Address Critical Flaws in Android

11 Jul 2023

Google, a leading technology giant, has once again demonstrated its commitment to user security by releasing its monthly security updates for the Android operating system. This latest release focuses on addressing a total of 46 new software vulnerabilities, ensuring the safety and integrity of Android devices worldwide. Among these vulnerabilities, three have been identified as actively exploited in targeted attacks, warranting immediate attention and action. In this article, we will delve into the details of these vulnerabilities, their potential risks, and the steps taken by Google to mitigate them.

Read More
Fortigate still unpatched for RCE Vulnerability
Fortigate still unpatched for RCE Vulnerability

5 Jul 2023

No less than 330,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that has come under active exploitation in the wild.

Read More