Microsoft is investigating a known issue randomly triggering “Product Deactivated” errors for customers using Microsoft 365 Office apps. […]
Android malware found on Amazon Appstore disguised as health app
A malicious Android spyware application named ‘BMI CalculationVsn’ was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. […]
Windows 11 24H2 upgrades blocked on some PCs due to audio issues
Microsoft has added another Windows 11 24H2 upgrade block for systems with Dirac audio improvement software due to compatibility issues breaking sound output. […]
Fortinet warns of FortiWLM bug giving hackers admin privileges
Fortinet has disclosed a critical vulnerability in Fortinet Wireless Manager (FortiWLM) that allows remote attackers to take over devices by executing unauthorized code or commands through specially crafted web requests. […]
How to Implement Impactful Security Benchmarks for Software Development Teams
Benchmarking is all about taking back control – you’re measuring to gain complete awareness of your development teams’ security skills and practices.
The post How to Implement Impactful Security Benchmarks for Software Development Teams appeared first on SecurityWeek.
Microsoft says Auto HDR causes game freezes on Windows 11 24H2
Microsoft is now blocking Windows 11 24H2 upgrades on systems with Auto HDR enabled due to a compatibility issue that causes game freezes. […]
BeyondTrust says hackers breached Remote Support SaaS instances
Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances. […]
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry.
The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively.
“While typosquatting attacks are
The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively.
“While typosquatting attacks are
CISA Releases Mobile Security Guidance After Chinese Telecom Hacking
In light of recent Chinese hacking into US telecom infrastructure, CISA has released guidance on protecting mobile communications.
The post CISA Releases Mobile Security Guidance After Chinese Telecom Hacking appeared first on SecurityWeek.
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware.
The company said it’s issuing the advisory after “several customers” reported anomalous behavior on their Session Smart Network (SSN) platforms on December 11, 2024.
“These systems have been infected with the Mirai
The company said it’s issuing the advisory after “several customers” reported anomalous behavior on their Session Smart Network (SSN) platforms on December 11, 2024.
“These systems have been infected with the Mirai