Security Boulevard

Attackers Worldwide are Zeroing In on React2Shell Vulnerability

Bad actors that include nation-state groups to financially-motivated cybercriminals from across the globe are targeting the maximum-severity but easily exploitable React2Shell flaw, with threat ...
GovInfoSecurity

Zero Day: 700 Instances of Self-Hosted Git Service Exploited

An attacker has been exploiting a zero-day vulnerability in Gogs, an open-source and popular Git service that allows for self ...
Microsoft

Imposter for hire: How fake people can gain very real access

Fake employees are an emerging cybersecurity threat. Learn how they infiltrate organizations and what steps you can take to ...

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with ...

Notepad++ fixes flaw that let attackers push malicious update files

Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users ...
eWeek

Photoshop Invades ChatGPT, No Install Needed

No installs. No steep learning curve. Just a required Adobe sign-in to use Photoshop, Express, or Acrobat.