Australia Sanctions Russian Hacker Behind Medibank Breach
The Australian government has publicly named a Russian cybercriminal as responsible for the Medibank data breach, which affected 9.7 million...
News
SEC Confirms SIM Swap Attack Behind X Account Takeover
A US regulator has confirmed that its official X (formerly Twitter) account was hijacked earlier this month after hackers were...
LoanDepot Data Breach Hits 16.6 Million Customers
LoanDepot, one of the largest US-based retail mortgage lenders, has confirmed that around 16.6 million of its customers have had...
New Cybersecurity Governance Code Puts Cyber Risks on Boardroom Agenda
The UK government has published a new Code of Practice on cybersecurity governance, targeting directors and other senior business leaders.The...
French Watchdog Slams Amazon with €32m Fine for Spying on Workers
Amazon France Logistique, a subsidiary of the e-commerce giant that manages its large warehouses in France, has been fined €32m...
Malicious npm Packages Used to Target GitHub Developer SSH Keys
Security researchers have uncovered two new malicious packages on the npm open source package manager that utilized GitHub to store...
Hackers Target Atlassian Confluence With RCE Exploits
Security experts are observing attempts to exploit the remote code execution (RCE) vulnerability CVE-2023-22527 affecting outdated Atlassian Confluence servers. The company disclosed the...
Zero-Day Vulnerability in Apple Products
Apple has released security updates to address a zero-day vulnerability (CVE-2024-23222) in their products. The vulnerability is reportedly being actively...
VexTrio: The Uber of Cybercrime – Brokering Malware for 60+ Affiliates
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio...
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys...
Zero-Day Vulnerability in Apple Products
Apple has released security updates to address a zero-day vulnerability (CVE-2024-23222) in their products. The vulnerability is reportedly being actively...
From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks
As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases...
“Activator” Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information...
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the...
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
Trezor Support Site Breach Exposes Personal Data Of 66 000 Customers
Trezor issued a security alert after identifying a data breach that occurred on January 17 due to unauthorized access to their...
Apple Fixes First Zero Day Bug Exploited In Attacks This Year
Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and...
Loandepot Cyberattack Causes Data Breach For 166 Million People
Mortgage lender loanDepot says that approximately 16.6 million people had their personal information stolen in a ransomware attack disclosed earlier...
Hackers Start Exploiting Critical Atlassian Confluence Rce Flaw
Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers....
Malicious Web Redirect Scripts Stealth Up To Hide On Hacked Sites
Security researchers looking at more than 10,000 scripts used by the Parrot traffic direction system (TDS) noticed an evolution marked by...
Cracked Macos Apps Drain Wallets Using Scripts Fetched From Dns Records
Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts....
Sec Confirms X Account Was Hacked In Sim Swapping Attack
The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the...
