Proton Mail Shared User Information with the Police

404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI. It's metadata--payment information related to a particular account--but still important knowledge. This sort of thing happens, even to privacy-centric companies like Prot...

Russian-Linked Hackers Target Eastern European NGOs and Media

Russian and Belarusian non-profit organizations, Russian independent media, and international non-governmental organizations active in Eastern Europe have become the target of two separate spear-phishing campaigns orchestrated by threat actors whose interests align with that of the Russian...

Apache Tomcat 8.5.63 / 9.0.43 HTTP Response Smuggling Vulnerability

Apache Tomcat suffers from a client-side de-sync vulnerability via HTTP request smuggling. Apache Tomcat versions 8.5.7 through 8.5.63 and 9.0.0-M11 through 9.0.43 are vulnerable. Exploit Title: CVE-2024-21733 Apache Tomcat HTTP Request Smuggling Date: 1/31/2024 Exploit Author: xer0dayz Vendor...

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ranso...