Several Russian companies have been subjected to intrusions exploiting the already-patched WinRAR vulnerability, tracked as CVE-2023-38831, by the PhantomCore cyberespionage operation, which has been linked to Ukraine, reports The Record, a news site by cybersecurity firm Recorded Future.
Potential cyberattacks facilitated by covertly installed browser extensions could have been deployed with the exploitation of an already addressed medium-severity privilege escalation vulnerability in Microsoft Edge, according to The Hacker News.
Cheryl is super passionate about supply chain security and visibility. Tune in to our discussion on how we can collectively get better at reducing the attack surface and working to fix the wide variety of digital supply chain issues we have today. This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about...