May 2022 – TheCyberThrone

Enemybot adds new exploits to its Arsenal

EnemyBot malware botnet expanding its target list with recently-discovered vulnerabilities in F5 hardware and VMware software. Initially discovered in March 2022, EnemyBot’s original target was the wide range of Linux…

PravinKarthik May 31, 2022

Spirit Super Data breach affects 50K customers

As many as 50,000 members of Tasmanian-based industry super fund Spirit Super may have had their sensitive personal information compromised after a phishing attack earlier this month. Spirit Super, which…

PravinKarthik May 31, 2022

Belarus Government sites brought offline by Anonymous

Affiliates of the Anonymous group, collective Spid3r claim to have attacked Belarus’ government websites in retaliation for the country’s alleged support of Russia’s invasion of Ukraine. The group made the…

PravinKarthik May 31, 2022

Follina ZeroDay evades Microsoft Defender

Hackers are exploiting a vulnerability in Microsoft Office that enables them to fetch malicious code without detection in a multi-stage attack. The exploit, dubbed named Follina, abuses the remote template…

PravinKarthik May 30, 2022

LinkedIn Bug Bounty with bumped rewards goes public

LinkedIn’s invite-only bug bounty program has been running since 2014 getting replaced by a public bug bounty. Security vulnerabilities that are rated critical which are discovered on the business-oriented platform…

PravinKarthik May 30, 2022

Software Composition Analysis (SCA)- A dive!

Software development’s today landscape traveled to have a lot and took major changes, with short release cycles, developers need to rely heavily on open source to accelerate innovation. But that…

PravinKarthik May 30, 2022

Open Automation Software Platform Patches numerous vulnerabilities

Numerous vulnerabilities have been found in the Open Automation Software Platform that could allow an attacker to carry out a variety of malicious actions. The platform connects industrial devices, servers,…

PravinKarthik May 30, 2022

Google Dev Channel has a RCE vulnerability

The WebAssembly and V8 JavaScript engine used in both the browsers of Google Chrome and Chromium recently patched critical remote code execution vulnerability. Successful exploitation of the issue could allow…

PravinKarthik May 29, 2022