Ledger's Web3 Connector library was compromised and replaced with a drainer
Ledger's software got hit with a serious security problem. banteg, a well-known crypto guy, tweeted that Ledger's library is messed up and now has a "drainer" in it.
Hyundai to hold software-upgrade clinics across the US for vehicles targeted by thieves | AP News
Hyundai says it will set up “mobile clinics” at five U.S. locations to provide anti-theft software upgrades for vehicles now regularly targeted by thieves using a technique popularized on TikTok and other social platforms.
North Korea-backed hackers target security researchers with 0-day
Google researchers say currently unfixed vulnerability affects a popular software package.
Critical Vulnerabilities in PaperCut Print Management Software
Our team is tracking in-the-wild exploitation of zero-day vulnerabilities against PaperCut MF/NG which allow for unauthenticated remote code execution due to an authentication bypass.
MSI Confirms Breach as Ransomware Gang Claims Responsibility
UPDATE: A new statement(Opens in a new window) from MSI says users should avoid downloading firmware and BIOS updates from third-party sources, and instead only obtain such software from the company's official website. The statement suggests MSI is worried hackers could circulate malicious versions of the company's BIOS software when the ransomware gang, Money Message, claims it stole the PC maker's source code.
3CX VoIP Software Compromise & Supply Chain Threats
The 3CX VoIP Desktop Application has been compromised to deliver malware via legitimate 3CX updates. Huntress has been investigating this incident and working to validate and assess the current supply chain threat to the security community.
Biden National Cyber Strategy Seeks to Hold Software Firms Liable for Insecurity
Markets have imposed “inadequate costs” on companies that build vulnerable technology, it says.
Hyundai and Kia issue software upgrades to thwart theft hack
Gone in 60 seconds using a USB-A plug and brute force instead of a key
MSI Confirms Breach as Ransomware Gang Claims Responsibility
UPDATE: A new statement(Opens in a new window) from MSI says users should avoid downloading firmware and BIOS updates from third-party sources, and instead only obtain such software from the company's official website. The statement suggests MSI is worried hackers could circulate malicious versions of the company's BIOS software when the ransomware gang, Money Message, claims it stole the PC maker's source code.
3CX VoIP Software Compromise & Supply Chain Threats
The 3CX VoIP Desktop Application has been compromised to deliver malware via legitimate 3CX updates. Huntress has been investigating this incident and working to validate and assess the current supply chain threat to the security community.
Biden National Cyber Strategy Seeks to Hold Software Firms Liable for Insecurity
Markets have imposed “inadequate costs” on companies that build vulnerable technology, it says.
Hyundai and Kia issue software upgrades to thwart theft hack
Gone in 60 seconds using a USB-A plug and brute force instead of a key