DESTAQUES

Ameaças Cibernéticas

1627 notícias
Ameaças Cibernéticas The Hacker News 🇺🇸

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary fil…

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Turning Indicators into Intelligence in OpenCTI with Criminal IP

Threat intelligence is only as useful as the context behind it. Criminal IP explains how its integration enriches threat indicators in OpenCTI with risk scoring, infrastructure intelligence, and phishing analysis. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU). The Canadian cybersecurity company said it identified exploitation attempts targeting CVE-2…

Ameaças Cibernéticas The Hacker News 🇺🇸

AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the…

Ameaças Cibernéticas Boletim Sec 🇧🇷

Criminosos usam SEO malicioso para distribuir falso instalador do ManageEngine

Uma busca comum no Bing por “ManageEngine OpManager” levou à instalação de ransomware em uma rede corporativa, após criminosos manipularem resultados de pesquisa para promover uma página falsa de download. O ataque começou quando um usuário procurou pela ferramenta de monitoramen…

Ameaças Cibernéticas The Hacker News 🇺🇸

Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware

Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way. Palo Alto Networks' Unit 42 calls the trick phant…

Ameaças Cibernéticas The Hacker News 🇺🇸

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range (2a0a:d683::/…

Ameaças Cibernéticas The Hacker News 🇺🇸

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition. …

Ameaças Cibernéticas CISO Advisor 🇧🇷

Extensão falsa do Perplexity espiou buscas no Chrome

Uma campanha de monitorização oculta foi descoberta ativa na loja oficial de extensões do Google Chrome (Chrome Web Store), onde agentes maliciosos clonaram com sucesso a identidade visual e o nome da plataforma de pesquisa assistida por inteligência artificial Perplexity. A exte…

Ameaças Cibernéticas CISO Advisor 🇧🇷

Sequestro de navegadores de IA para roubo de dados

Pesquisadores da LayerX Security descobriram uma técnica de ataque, batizada de “BioShocking”, que manipula navegadores com inteligência artificial para ignorar suas salvaguardas de segurança e executar ações maliciosas, como roubo de credenciais, conforme detalhado em relatório …

Link copiado!