Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information....
News
It’s Time To Untangle the SaaS Ball of Yarn
It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and...
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer...
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software...
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000...
CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with...
Ubuntu Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in Ubuntu Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial...
SUSE Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial...
Unicoin Staff Locked Out of G-Suite in Mystery Attack
A leading cryptocurrency firm has admitted that its employees were unable to use their corporate productivity apps for four days...
Microsoft Apps for macOS Exposed to Library Injection Attacks
Eight Microsoft applications for macOS are vulnerable to library injection attacks, potentially allowing adversaries to steal app permissions and breach...
Ransomware Resilience Drives Down Cyber Insurance Claims
More organizations than ever subscribe to cyber insurance, yet the number of claims are plummeting, according to a new report...
New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks
A cloud-based tool named Xeon Sender has enabled attackers to conduct large-scale SMS spam and phishing campaigns by leveraging legitimate...
NCSC Opens Cyber Resilience Audit Scheme to Applicants
The UK’s National Cyber Security Centre (NCSC) has officially launched a scheme designed to find auditors for a new cyber-resilience...
FBI and CISA Assure Public on Election Ransomware Security
Read more about election security: CISA Director Confident in US Election Security AI-Powered Robocalls Banned Ahead of US Election Can...
Iran Behind Trump Campaign Hack, US Government Confirms
The US government has confirmed that Iranian actors were behind recent cyber-attacks on Donald Trump’s Presidential campaign.The announcement comes after...
Former Congressman Santos Admits Identity Theft and Fraud
A former Republican lawmaker is facing jail time after pleading guilty to wire fraud and aggravated identity theft.George Santos, 36,...
Jewish Home Lifecare Notifies 100,000 Victims of Ransomware Breach
A non-profit healthcare organization (HCO) dedicated to serving senior citizens has revealed the extent of a major ransomware breach earlier...
Novel Phishing Method Used in Android/iOS Financial Fraud Campaigns
A recently discovered sophisticated mobile phishing technique has been observed in financial fraud campaigns across the Czech Republic, Hungary and...
New DNS-Based Backdoor Threat Discovered at Taiwanese University
A newly identified security threat utilizing a rarely seen DNS-based communication method has been discovered by threat analysts in an...
Vermin Cyber-Attacks Target Ukraine, Exploiting Kursk Battle
Ukraine’s Computer Emergency Response Team (CERT-UA) has uncovered cyber-attacks which use malicious emails with photos of alleged prisoners of war...
Iranian Group TA453 Launches Phishing Attacks with BlackSmith
The Iranian-linked threat actor TA453 (also known as Charming Kitten) has been observed launching a sophisticated phishing attack using a...
Czech Mobile Users Targeted in New Banking Credential Theft Scheme
Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application...
Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys
As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon...
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware
Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024...
