Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks
Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from...
News
Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages
An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to...
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild....
Smart Contracts in Supply Chain Attacks: A Groundbreaking Discovery
In a significant development, researchers have identified the first open source supply chain attack leveraging smart contracts alongside traditional attack...
UK Council Sites Recover Swiftly After Russian DDoS Attack
Following a recent DDoS attack by Russian hacktivists, UK council sites are recovering and restoring their online services effectively. All...
Russia Behind Fake Haitian Voters Video: US Agencies Warn of Disinformation
US agencies have found that Russian operatives are responsible for a fabricated video portraying illegal voting by Haitians in Georgia....
AI-Driven Discovery: Google Researchers Identify First Vulnerability
In groundbreaking news, Google researchers from Project Zero and DeepMind have successfully identified their first real-world vulnerability leveraging artificial intelligence...
Cybercriminals Target DocuSign APIs for Fake Invoices: An Emerging Threat
Cybercriminals are increasingly targeting DocuSign APIs to deliver convincing fake invoices, a trend that poses significant risks to businesses. Cybersecurity...
Nigerian Sentenced to 26 Years for $12 Million Real Estate Phishing Scam
A Nigerian man has received a 26-year sentence in a US federal prison due to a significant real estate phishing...
Columbus Ransomware Attack Exposes Personal Data of 500,000 Residents
A recent ransomware attack in Columbus, Ohio, has raised serious concerns as it has compromised the personal data of 500,000...
US-CERT Vulnerability Summary for the Week of October 28, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some...
German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested
German law enforcement authorities have announced the disruption of a criminal service called dstatcc that made it possible for other...
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a...
Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)
As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately,...
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 – Nov 03)
This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from...
Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine
Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted...
New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls
Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka...
Critical Software Vulnerabilities in Industrial Devices: CISA’s Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding software vulnerabilities affecting industrial devices. This alert...
Chinese Hackers Shift Tactics: Enhanced Stealth and Targeted Attacks
Cybersecurity insights reveal that Chinese hackers have developed stealthier techniques over recent years, shifting from broad attacks to targeted strategies....
Iranian Threat Actor Cotton Sandstorm Leveraging New Tradecraft
The warning from the US and Israel highlights the evolving tactics of the Iranian state-sponsored group Cotton Sandstorm, now leveraging...
Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer...
5 SaaS Misconfigurations Leading to Major Fu*%@ Ups
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk...
Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft
Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate...
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even...
