The main attacks and vulnerabilities compiled by our experts last week: 11th—17th March.

Check out our Cyber Security weekly briefing: the main attacks and vulnerabilities found by our teams of experts.

Here are the most relevant headlines of the week, download our full report and take note:

A new version of the Xenomorph banking trojan

ThreatFabric researchers have detected a new variant of the Android banking trojan Xenomorph.
First detected in February 2022 and attributed to Hadoken Security Group.

Microsoft Patch Tuesday includes two actively exploited 0-days

Microsoft has fixed 83 vulnerabilities affecting its products, including Microsoft Windows, Office, Exchange, and Azure.
Nine of these vulnerabilities are reported to have received a critical severity score.
Another 69 were reported to have been rated as “important” and two of these security bugs are reported to be 0-day actively exploitedCVE-2023-23397 and CVE-2023-24880.

YoroTrooper: new threat actor focused on cyber espionage

Researchers at Cisco Talos have detected a new threat actor focused on executing cyberespionage campaigns. Named: YoroTrooper.

CISA warns of 0-day exploit in Adobe and urges patch application

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned of 0-day exploitation of vulnerability CVE-2023-26360 in Adobe ColdFusion.

0-day vulnerabilities in Samsung’s Exynos chipsets

Google’s security team, Project Zero, disclosed the existence of 18 0-day vulnerabilities in Samsung’s Exynos chipsets, used in mobile devices, laptops, and cars.

Related news

Stay up to date. Get the latest news and trends
Sign Up