Fresh MOVEit Bug Under Attack Mere Hours After Disclosure
Source: Dark Reading
A high-severity security vulnerability in Progress Software's MOVEit Transfer software could allow cyberattackers to get around the platform's authentication mechanisms — and it's being actively exploited in the wild just hours after it was made public.
Polyfill claims it has been 'defamed', returns after domain shut down
Source: Bleeping Computer
The owners of Polyfill.io have relaunched the JavaScript CDN service on a new domain after polyfill.io was shut down as researchers exposed it was delivering malicious code on upwards of 100,000 websites.
No Patches for Hospital Temperature Monitors' Critical Flaws
Source: Data Breach Today
Vulnerabilities in internet-connected temperature monitoring devices mainly used in hospitals, and their accompanying desktop application, could allow hackers to gain administrator privileges to the technology.
US DHS Warns of AI-Fueled Chemical and Biological Threats
Source: Info Risk Today
Artificial intelligence is lowering the barriers of entry for global threat actors to create and deploy new chemical, biological and nuclear risks, warns the U.S. Department of Homeland Security.
Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices
Source: The Hacker News
Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various e-commerce and antivirus apps.