Monthly Security Bulletin – May 2024

This month’s security bulletin hot topics:

1. New XZ backdoor scanner detects implant in any Linux binary

2. Surveillance by the New Microsoft Outlook App

3. Notepad++ needs your help in “parasite website” shutdown

4. Security Vulnerability of HTML Emails

5. New SharePoint flaws help hackers evade detection when stealing files

6. New Spectre v2 attack impacts Linux systems on Intel CPUs

7. Vulnerability in some TP-Link routers could lead to factory reset

8. Apple: Mercenary spyware attacks target iPhone users in 92 countries

9. PuTTY SSH client flaw allows recovery of cryptographic private keys

10. Ivanti warns of critical flaws in its Avalanche MDM solution

11. Microsoft: Copilot ‘app’ on Windows Server mistakenly added by Edge

12. Cisco discloses root escalation flaw with public exploit code

13. Cybercriminals pose as LastPass staff to hack password vaults

14. Fake cheat lures gamers into spreading infostealer malware

15. MITRE says state hackers breached its network via Ivanti zero-days

16. GitHub comments abused to push malware via Microsoft repo URLs

17. Using Legitimate GitHub URLs for Malware

18. Microsoft: APT28 hackers exploit Windows flaw reported by NSA