top of page

Notícias 

Confira todas as notícias recentes sobre cibersegurança e tecnologia.

Vulnerabilidade

17 de junho de 2025

Free AI coding security rules now available on GitHub

Developers are turning to AI coding assistants to save time and speed up their work. But these tools can also introduce security risks if they suggest flawed or unsafe code. To help address that, Secure Code Warrior has released a new set of free AI Security Rules on GitHub. These rulesets offer practical guidance to help developers write more secure code when using tools like GitHub Copilot, Cursor, Cline, Roo, Aider, and Windsurf. Designed specifically … More → The post Free AI coding security rules now available on GitHub appeared first on Help Net Security.

Vulnerabilidade

17 de junho de 2025

Researchers unearth keyloggers on Outlook login pages

Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of government organizations and companies around the world, and have injected the organizations' Outlook on the Web (OWA) login page with browser-based keyloggers, Positive Technologies researchers have warned. The keylogging JavaScript code (Source: Positive Technologies) The initial vector for compromise is unknown The researchers haven't been able to pinpoint how the attackers gained access to the compromised servers. Some of them were vulnerable to a slew … More → The post Researchers unearth keyloggers on Outlook login pages appeared first on Help Net Security.

Vulnerabilidade

17 de junho de 2025

Sitecore CMS exploit chain starts with hardcoded 'b' password

A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. [...]

Vulnerabilidade

17 de junho de 2025

What Is Vulnerability Prioritization? A No-Fluff Playbook

Vulnerabilities, on their own, don't mean much. You could be staring at thousands of scanner alerts every week, but unless you know which ones truly matter, you're just reacting to... The post What Is Vulnerability Prioritization? A No-Fluff Playbook appeared first on Strobes Security. The post What Is Vulnerability Prioritization? A No-Fluff Playbook appeared first on Security Boulevard.

Fraude

17 de junho de 2025

U.S. Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam

The DOJ is moving to collect $7.74 million seized two years ago in connection with a criminal case involving an IT worker scam run by North Korean operatives. The case is one of many that have been running in the United States and elsewhere for almost a decade. The post U.S. Moves to Collect $7.74 Million Tied to N. Korea IT Worker Scam appeared first on Security Boulevard.

Fraude

17 de junho de 2025

Infocon: green

How Long Until the Phishing Starts? About Two Weeks

Fraude

17 de junho de 2025

How Long Until the Phishing Starts? About Two Weeks, (Tue, Jun 17th)

[This is a guest diary by Christopher Crowley, https://montance.com]

Fraude

17 de junho de 2025

Instagram 'BMO' ads use AI deepfakes to scam banking customers

Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal information, while others drive traffic to phishing pages. [...]

Tentativas de Invasão

17 de junho de 2025

Zyxel Firewall Vulnerability Again in Attacker Crosshairs

GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls. The post Zyxel Firewall Vulnerability Again in Attacker Crosshairs appeared first on SecurityWeek.

Fraude

17 de junho de 2025

Taiwan Hit by Sophisticated Phishing Campaign

Phishing campaign targeting Taiwan has been identified, using tax-themed emails and malware like Winos and HoldingHands

bottom of page