Car dealer software provider CDK has allegedly suffered a second cyberattack – as it was trying to recuperate from the first one. As a result of...
Cybersecurity researchers from the Nokod Research Team have discovered Power BI, Microsoft’s business intelligence tool, is leaking sensitive data in a way that’s quite simple to...
A catastrophic vulnerability was recently discovered in Adobe Commerce and Magento, but ecommerce websites operating these platforms seem largely uninterested in applying a patch. As a...
Employees in the telecommunications industry interact with fewer cloud apps in their day-to-day work, compared to people in other verticals. However, they are still the biggest...
Security experts recently found a new vulnerability in Intel CPUs which could allow threat actors to execute malicious code on the flawed devices, remotely. The vulnerability...
CDK, a company that provides software-as-a-service for car dealerships, has suffered a major cyberattack forcing it to shut down most of its systems. As a result,...
Chinese users looking for VPN products, AI tools, and adult content, are being targeted in a new campaign whose goal is to spread a backdoor called...
Chinese organizations are being targeted with a new evasive malware loader called SquidLoader. Cybersecurity researchers from AT&T LevelBlue Labs found threat actors have been active since...
Security researchers recently claimed to have found a flaw that could allow threat actors to spoof Microsoft corporate emails. A cybersecurity researcher with the alias Slonser...
If you are not using random, computer-generated passwords, or one of the best password generators, chances are your logins can be cracked within an hour, research...
Cyberattacks spread via email are still rising, and with generative artificial intelligence (AI), they have gotten even more dangerous, a new report from Barracuda Networks has...
Computing powerhouse AMD is apaprently investigating a data breach after a hacker put a database on a dark web forum, claiming it came from the company....
Operational technology (OT) systems are being hit with more cyberattacks than ever before, a new report from cybersecurity experts Fortinet claims. However, while organizations are doing...
Hackers are trying to take advantage of people looking to buy and sell tickets for the Paris 2024 Summer Olympic Games with fake sales websites that...
VMware has released patches for two critical vulnerabilities that could allow hackers to execute malware remotely. Users are advised to apply the patches immediately and thus...
A hacking collective was stealing sensitive information from a company, using vulnerable F5 BIG-IP appliances to break in and achieve persistence. A report from cybersecurity researchers...
The GEEKOM XT12 Pro is smaller and lighter than previous models yet offers more processing power, less energy consumption, and is more affordable. It features a...
The annual bonuses of Microsoft’s highest-ranking workers officers’ annual bonuses will depend on how mindful they were of cybersecurity, the company’s vice chair and president has...
The Sp1d3r cybercrime gang is making quite a name for itself as it is now selling sensitive data on thousands of Truist banking employees. Truist is...
The New York Times has warned a number of its freelance associates that their data may have been stolen in a recent attack on its GitHub...
The US Cybersecurity and Infrastructure Security Agency (CISA), the government agency looking after cybersecurity protections, has issued a warning it is being impersonated by scammers. In...
Progressive Web Apps (PWA), a type of application delivered via a web browser, can be hijacked to be used for phishing, creating authentic-looking, convincing data-harvesting platforms,...
Tile, best known for small portable bluetooth trackers, has confirmed suffering a major cyberattack that saw an unnamed hacker obtain sensitive customer data including people’s names,...
The future of penetration testing and vulnerability hunting will most likely not be with AI, but rather AIs – as in multiples, security experts have warned....
Microsoft seems to have had a slight change of heart when it comes to the security risk its Azure Service Tags are posing. While initially claiming...
Experts have discovered a low-volume, but very clever, cybercrime campaign abusing the Windows search functionality to trick victims into downloading malware. The campaign was discovered by...
Slowly but surely the Snowflake incident is turning into a MOVEit-level event, as yet another company comes forward with information of stolen sensitive data – this...
Customer relationship management (CRM) software provider, Workbooks, recently announced a new service, called Managed Service for CRM. The service should help firms realize business outcomes they...
A popular budget-friendly Netgear small business router is vulnerable to half a dozen flaws that could lead to the theft of sensitive information, and possibly even...
Cybersecurity firm Cylance has confirmed falling victim to a cyberattack, saying data being sold on the dark web is legitimate. Reporting on the news, BleepingComputer said...
The number of organizations who have had their sensitive data stolen following the recent Snowflake breach is likely in the hundreds, new research has claimed. A...
Cybersecurity researchers have discovered a new vulnerability in PHP which could allow hackers to run malicious code remotely. The vulnerability is tracked as CVE-2’24-4577, and is...
Popular password manager LastPass has revealed what it believes caused a 12-hour outage which frustrated many users and even prompted some to consider switching to other...
Researchers appear to have found another avenue in which to slam Microsoft for its poor cybersecurity practices – this time around, it’s the marketplace for Visual...
British consumer association Which? has warned users of fake airline accounts on X looking to steal their personal information, whilst also criticizing the social media network...
A new ransomware strain has been detected using compromised VPN credentials to access their victims’ endpoints. Researchers at Arctic Wolf, who started tracking the ransomware variant...
Chinese company Taobao, one of the world’s largest ecommerce websites, was reportedly leaking sensitive information on its users, a new report from Cybernews has claimed. The...
Zyxel has patched three high-severity flaws plaguing some of its NAS devices. In a security advisory, Zyxel said it released patches for CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974,...
The recent Snowflake breach is slowly but surely turning into the next major global cybersecurity event after another major company confirmed having its sensitive data taken....
The feud between Disney and the fans of its defunct Club Penguin game has taken an unexpected security-focused turn after a seemingly fresh database full of...
Scammers are tricking victims into making cryptocurrency payments by offering them fake remote jobs, the FBI has warned. As per the warning, scammers are making cold...
Despite Microsoft’s best efforts, Office documents are still one of the most common ways to exploit software flaws and deploy malware on vulnerable endpoints, experts have...
Cybersecurity researchers from Resecurity have spotted a new phishing kit which is quickly gaining serious traction among cybercriminals. V3B costs between $130 and $450 per month,...
Azure Service Tags is vulnerable to a flaw that could let threat actors steal people’s sensitive data, some researchers have claimed – however Microsoft begs to...
Multiple Russian state-sponsored threat actors are actively running misinformation campaigns regarding the Summer Olympic Games that are due in Paris, France, this summer. The goal of...
2023 was a big year for ransomware, with the number of threats rising after a two-year decline, breaking a six-year record, new research has claimed. A...
Snowflake has claimed it isn’t to blame for the major data breach that hit Ticketmaster, despite the company blaming it for security weaknesses. Earlier this week,...
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its Known Exploited Vulnerabilities (KEV) catalog, signaling in-the-wild abuse, and giving federal...
Hugging Face has disclosed a data breach affecting its Spaces platform, a place where developers can create, share, and host different Artificial Intelligence (AI) models, and...
Ticketmaster has confirmed recent reports of a data breach in a new filing with the US Securities and Exchange Commission (SEC). Live Nation (which merged with...
A malicious botnet bricked 600,000 office and home office (SOHO) routers in what seems to be a coordinated attack against a specific internet service provider (ISP)....
AMD has announced a new public bounty hunting program offering some serious rewards for participants discovering security vulnerabilities. Until now, the popular chipmaker only had a...
Salesforce and IBM are expanding their partnership on AI development, providing businesses with greater flexibility and control over how they leverage AI and data for customer...
Salesforce is bringing Artificial Intelligence (AI) tools closer to its users in marketing and retail, by expanding the capabilities of its Einstein Copilot feature. For those...
Identity and access management giant Okta has warned customers of an ongoing credential stuffing attack against one of its tools and suggested users either disable it,...
A hacker claims to have breached the servers of Cooler Master and stolen gigabytes of sensitive corporate and customer information, including payment data. A threat actor...
First American, one of the largest insurance companies in the United States, has confirmed losing sensitive data on thousands of people in ransomware attack. News of...
The United States Department of Treasury has sanctioned three Chinese nationals and three of their companies for running a major proxy botnet operation that infected consumer...
Ticketmaster appears to have suffered a huge data breach, causing it to lose sensitive data on hundreds of millions of users. A report from Hackreadclaims a...
BreachForums, the infamous hacking forum that was supposedly taken offline by law enforcement earlier this month, is apparently back online and ready to serve customers. Multiple...
Hackers are trying to wiggle their way into corporate networks through poorly protected Check Point Remote Access VPN devices, the company has confirmed in a security...
Cloud-based video downloader service Dirpy has been found leaking sensitive data on its users, placing them at risk of all sorts of cyberattacks. Cybersecurity researchers from...
The recent cyberattack at auction house Christie’s, which took the company’s website offline hours before a major event, appears to now be confirmed as a ransomware...
Cybersecurity researchers have uncovered a new ransomware strain that abuses Windows BitLocker to lock victims out of their devices. As reported by BleepingComputer, Kaspersky dubbed the...
Hackers are taking advantage of the Windows launch of Arc browser to trick victims into downloading malware. Arc is a relatively new internet browser, first launched...
Commercial spyware firm pcTattletale has been hacked, with data it stole from its victims published on the website, which was also defaced. Commercial spyware, also known...
Russian hackers are targeting financial institutions in Europe and the United States with a nostalgia-laden gaming lure. Two security agencies in Ukraine – CSIRT-NBU, and CERT-UA,...
Bad news for an Americans looking to keep their illegal pasts behind them, as researchers have flagged the leak of sensitive information on millions of convicted...
An update for software that records court proceedings was contaminated with malware, granting persistent access to still unknown threat actors. This is according to a new...
DevOps platform GitLab recently released patches for seven vulnerabilities, including a high-severity flaw that allowed threat actors to take over people’s accounts. As picked up by...
People using Google’s Password Manager can now share their login credentials with their family members. Earlier this week, Google released version 24.20 of Google Play services,...
The recent cyber-incident against Canadian pharmacy chain London Drugs was indeed a full-blown ransomware attack, with sensitive data being stolen, and a major ransom being demanded,...
As the US Presidential elections draw closer, the battle is heating up, and with AI tools rising in popularity, it’s safe to assume they will be...
The United States government is offering $50 million to whoever can develop a new piece of technology that will better secure healthcare IT equipment. Due to...
Password management company LastPass said its product will soon start encrypting URLs stored in the vaults, which will act as an additional layer of protection against...
Hackers have found a way to install cryptominers on your devices, even if you have an antivirus program installed. The campaign was recently discovered by cybersecurity...
Veeam has announced that it recently discovered, and fixed, a critical-severity vulnerability in its Veeam Backup Enterprise Manager (VBEM). The vulnerability, tracked as CVE-2024-29849 (via BleepingComputer)...
American wireless telecommunications company, Patriot Mobile, suffered a data breach in which a hacker stole sensitive customer information. According to TechCrunch, which verified the authenticity of...
Some of the world’s biggest cryptocurrency and social media companies, as well as other tech giants, are teaming up to better protect users from online scams....
Intel has discontinued its Mini PC line, paving the way for alternatives like the GEEKOM Mini IT3, offering better value and availability compared to Intel’s previous...
As the US Cyber Safety Review Board (CSRB) and the Cybersecurity and Infrastructure Security Agency (CISA) are whipping Microsoft for poor cybersecurity practices, Google is rummaging...
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities (KEV) list, thus alerting government agencies and other...
Some US financial institutions are now legally required to disclose a security breach within 30 days of their discovery. The news comes as a result of...
Cybersecurity researchers from Tenable discovered a critical vulnerability in Fluent Bit which allows malicious actors to run denial-of-service attacks, or execute bad code, remotely. Fluent Bit...
Security researchers have observed a new version of BiBi Wiper, a destructive piece of malware that not only wipes all of the data from the disk,...
Two students found a way to do their laundry for free, after discovering a bug in the app that accompanies the laundry machines at their college...
We now know exactly how many people are affected by the WebTPA data breach that was discovered late last year – 2,429,175. The hackers who infiltrated...
Grandoreiro, the banking trojan that was dismantled in January this year, is back with a vengeance. This is according to a new report from IBM’s cybersecurity...
In just over a month, Microsoft will start enforcing multi-factor authentication (MFA) for all Azure administrators. The news was confirmed in a blog post published late...
Experts have identified a way to “confuse” your device when it tries to connect to a trusted Wi-Fi network. As a result, the device is instead...
Cybersecurity researchers from Intego have discovered new variants of the dreaded Cuckoo malware that targets macOS users. For those unfamiliar with the name, Cuckoo is an...
Hackers are stealing people’s DocuSign accounts to make their Business Email Compromise (BEC) attacks seem more authentic, and thus, more successful. A report from cybersecurity researchers...
Kimsuky, an infamous North Korean state-sponsored threat actor, has been using a brand new backdoor to target victims’ Linux devices. Cybersecurity researchers Symantec, who call the...
Hackers have been observed combining spam, a classic IT tech support scam, and Windows built-in remote control and screen-sharing tool, Quick Assist, to deploy the Black...
Sensitive personal data, including Social Security Numbers (SSN), on thousands of Nissan North America (NNA) employees, has been stolen, the company has confirmed. Nissan is only...
BreachForums, one of the most popular clearnet forums for sharing stolen data, malware, and other warez, is thought to have been shutdown by the Federal Bureau...
Some customers of Santander may have had their data stolen following a supply-chain attack targeting one of the bank’s third-party providers. The company confirmed the news...
Icedrive is a cloud storage solution that aims to make cloud storage feel like a physical hard drive with what the company calls “revolutionary” drive-mounting software....
VMware has released patches for four vulnerabilities affecting two of its products. The vulnerabilities could be used by malicious actors to steal sensitive information from flawed...