DESTAQUES

Ameaças Cibernéticas

1222 notícias
Ameaças Cibernéticas The Hacker News 🇺🇸

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the …

Ameaças Cibernéticas Bleeping Computer 🇺🇸

CISA warns of cyberattacks targeting fuel tank monitoring systems

CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure sectors. [...]

Ameaças Cibernéticas The Hacker News 🇺🇸

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice assistant on Android and made it open a victim's connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly pois…

Ameaças Cibernéticas Health IT Answers 🇺🇸

Today’s Cybersecurity Prognosis: Emerging Threats and Trusted Foundations

By Freddie Sanchez - The recent Canvas data breach sent shockwaves through education, but it’s a situation all too familiar for those of us in healthcare. For years, our industry has consistently been a top target for bad actors, and that trend is unlikely to change anytime soon.…

Ameaças Cibernéticas The Hacker News 🇺🇸

Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT

Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT. "Before the victim ever reaches attacker-controlled infrastructure, the …

Ameaças Cibernéticas The Hacker News 🇺🇸

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built to hunt bugs in large codebases. Tracked as CVE-2026-23479, the flaw w…

Ameaças Cibernéticas The Hacker News 🇺🇸

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's GitHub token. "Just by clicking a link, it's possible for an attacker to steal a GitHub token that can read and write to your repos, in…

Link copiado!