The Rising Threat of Secrets Sprawl and the Need for Action
The most precious asset in today's information age is the secret safeguarded under lock and key. Regrettably, maintaining secrets has...
News
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They...
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They...
China Bans U.S. Chip Giant Micron, Citing “Serious Cybersecurity Problems”
China has banned U.S. chip maker Micron from selling its products to Chinese companies working on key infrastructure projects, citing...
CISA orders govt agencies to patch iPhone bugs exploited in attacks
Today, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) ordered federal agencies to address three recently patched zero-day flaws affecting iPhones,...
Malicious Windows kernel drivers used in BlackCat ransomware attacks
The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software...
An AI-based Chrome Extension Against Phishing, Malware, and Ransomware
The Anti-Phishing Council has reported an increase in phishing reports and URLs, particularly targeting financial institutions. Despite using evasive techniques,...
Pentagon explosion hoax goes viral after verified Twitter accounts push
Highly realistic AI-generated images depicting an explosion near the Pentagon that went viral on Twitter caused the stock market to...
Crypto phishing service Inferno Drainer defrauds thousands of victims
A cryptocurrency phishing and scam service called 'Inferno Drainer' has reportedly stolen over $5.9 million worth of crypto from 4,888...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations
A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2)...
EU Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the...
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They...
Bad Magic’s Extended Reign in Cyber Espionage Goes Back Over a Decade
New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it...
KeePass Exploit Allows Attackers to Recover Master Passwords from Memory
A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited...
U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has...
Google will delete accounts inactive for more than 2 years
Google has updated its policy for personal accounts across its services to allow a maximum period of inactivity of two...
Android phones are vulnerable to fingerprint brute-force attacks
Researchers at Tencent Labs and Zhejiang University have presented a new attack called 'BrutePrint,' which brute-forces fingerprints on modern smartphones...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted
The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled...
npm packages caught serving TurkoRAT binaries that mimic NodeJS
Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead...
Cloned CapCut websites push information stealing malware
A new malware distribution campaign is underway impersonating the CapCut video editing tool to push various malware strains to unsuspecting...
PyPI temporarily pauses new users, projects amid high volume of malware
PyPI, the official third-party registry of open source Python packages has temporarily suspended new users from signing up, and new...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
