Gitlab fixes Account Takeover Vulnerability
GitLab has addressed a critical security flaw in its service that could result in an account takeover after exploitation. This critical bug tracked as CVE-2022-1680, with CVSS of 9.9 and…
LuoYu employs Man-on-the-side attack to plant backdoor
A sophisticated Chinese APT actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that allows the actor to modify network traffic in-transit to insert malicious payloads LuoYu…
Polonium targets Israel Companies
Microsoft has suspended over 20 OneDrive accounts abusing the service for cyber attacks on Israeli companies across numerous industries across defense and financial services Microsoft wrote that the organization behind…
Atlassian Confluence ZeroDay
Atlassian has confirmed the critical vulnerability in Confluence Server and Data Center, and the company said there is currently no fix, but it is working on a patch. All versions…