Russia Behind Fake Haitian Voters Video: US Agencies Warn of Disinformation
US agencies have found that Russian operatives are responsible for a fabricated video portraying illegal voting by Haitians in Georgia....
News
AI-Driven Discovery: Google Researchers Identify First Vulnerability
In groundbreaking news, Google researchers from Project Zero and DeepMind have successfully identified their first real-world vulnerability leveraging artificial intelligence...
Cybercriminals Target DocuSign APIs for Fake Invoices: An Emerging Threat
Cybercriminals are increasingly targeting DocuSign APIs to deliver convincing fake invoices, a trend that poses significant risks to businesses. Cybersecurity...
US-CERT Vulnerability Summary for the Week of October 28, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some...
German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested
German law enforcement authorities have announced the disruption of a criminal service called dstatcc that made it possible for other...
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a...
Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)
As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately,...
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 – Nov 03)
This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from...
Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine
Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted...
New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls
Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka...
Iranian Threat Actor Cotton Sandstorm Leveraging New Tradecraft
The warning from the US and Israel highlights the evolving tactics of the Iranian state-sponsored group Cotton Sandstorm, now leveraging...
Critical Software Vulnerabilities in Industrial Devices: CISA’s Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding software vulnerabilities affecting industrial devices. This alert...
Chinese Hackers Shift Tactics: Enhanced Stealth and Targeted Attacks
Cybersecurity insights reveal that Chinese hackers have developed stealthier techniques over recent years, shifting from broad attacks to targeted strategies....
Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer...
Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns
Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time...
5 SaaS Misconfigurations Leading to Major Fu*%@ Ups
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk...
Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft
Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate...
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even...
Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar
Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within...
New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites
Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain,...
81% of US Small Businesses Affected by Data Breaches: Security Measures on the Rise
In a concerning trend, 81% of US small businesses faced data breaches last year, compelling many to ramp up their...
Emeraldwhale Attack Exposes Misconfigured Git Configurations and 15,000 Credentials
The Emeraldwhale attack has revealed vulnerabilities in misconfigured Git configurations, leading to the theft of over 15,000 cloud service credentials....
Chinese Hackers Breach Canadian Government Networks: A Growing Cyber Threat
Chinese-sponsored hackers have compromised at least 20 Canadian government networks over the past four years, raising alarms about national security....
Xiu Gou Phishing Kit Targets Users in US and Worldwide with Unique Mascot
The Xiu Gou phishing kit is a new cyber threat targeting users in the US, UK, Australia, Japan, and Spain,...
