Organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding ongoing attacks exploiting a cross-site scripting vulnerability impacting various versions of the Roundcube email server, tracked as CVE-2023-43770, reports BleepingComputer.
BleepingComputer reports that updated variants of the Android malware XLoader, also known as MoqHao, that allowed automated execution after installation have emerged.
Major U.S. insurance firms Bankers Life and Casualty Company and Washington National Insurance Company disclosed having data from more than 66,000 customers stolen following a SIM swapping attack in November, according to Hackread.
Despite the win against the Chinese nation-state APT, government agencies issued fresh warnings about the dangers it poses to critical U.S. infrastructure.
External cybersecurity solutions provider ZeroFox has agreed to a nearly $350 million all-cash acquisition deal from tech-oriented private equity firm Haveli Investments, which is poised to be finalized by the first six months of the year, SecurityWeek reports.