Alerts
Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.
Google fixes Android kernel zero-day exploited in targeted attacks
6 Aug 2024
The zero-day, tracked asCVE-2024-36971, is a use after free (UAF) weakness in the Linux kernel’s network route management. It requires System execution privileges for successful exploitation and allows altering the behavior of certain network connections.
Read More
WhatsApp for Windows lets Python, PHP scripts execute with no warning
30 Jul 2024
A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them.
Read More
Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread
29 Jul 2024
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year.
Read More
CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
24 Jul 2024
Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of awidespread outagelate last week.
Read More
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
19 Jul 2024
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike.
Read More
SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software
19 Jul 2024
SolarWinds hasaddresseda set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code.
Read More
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
16 Jul 2024
JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker Hub.
Read More
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
12 Jul 2024
Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover.
Read More
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
10 Jul 2024
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).
Read More
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
10 Jul 2024
Jenkins, a popular continuous integration and continuous delivery (CI/CD) platform, features a Groovy script console that allows users to run arbitrary Groovy scripts within the Jenkins controller runtime.
Read More
Google Address Critical Flaws in Android
11 Jul 2023
Google, a leading technology giant, has once again demonstrated its commitment to user security by releasing its monthly security updates for the Android operating system. This latest release focuses on addressing a total of 46 new software vulnerabilities, ensuring the safety and integrity of Android devices worldwide. Among these vulnerabilities, three have been identified as actively exploited in targeted attacks, warranting immediate attention and action. In this article, we will delve into the details of these vulnerabilities, their potential risks, and the steps taken by Google to mitigate them.
Read More
Fortigate still unpatched for RCE Vulnerability
5 Jul 2023
No less than 330,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that has come under active exploitation in the wild.
Read More