Practical Guidance For Securing Your Software Supply Chain
The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their...
News
Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware
Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting...
Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping
Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones...
Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack
Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired...
New Medusa Android Trojan Targets Banking Users Across 7 Countries
Cybersecurity researchers have discovered an updated version of an Android banking trojan called Medusa that has been used to target...
Credential Stuffing Attack Hits 72,000 Levi’s Accounts
Tens of thousands of Levi’s customers may have had their accounts compromised after a credential stuffing attack, the clothing giant...
Suspected North Korean Attack Drains $2m from CoinStats Wallets
A popular cryptocurrency portfolio management specialist has revealed a major cyber-attack which impacted 1590 of its customers’ crypto wallets.CoinStats describes...
New Medusa Trojan Variant Emerges with Enhanced Stealth Features
New fraud campaigns have been discovered involving the Medusa (TangleBot) banking Trojan, which had evaded detection for nearly a year. An...
Cloud Breaches Impact Nearly Half of Organizations
Nearly half (44%) of organizations have experienced a cloud data breach, with 14% reporting having had an incident in the...
Google’s Naptime Framework to Boost Vulnerability Research with AI
Vulnerability researchers at Google’s Project Zero have introduced Naptime, a new framework that will be used to enable a large...
Dark Web Sees 230% Rise in Singapore Identity Theft
Security researchers have uncovered a significant increase in dark web activity involving stolen identity information from Singapore citizens. In an advisory...
How to Cut Costs with a Browser Security Platform
Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk - the...
New Cyberthreat ‘Boolka’ Deploying BMANAGER Trojan via SQLi Attacks
A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan...
New Attack Technique Exploits Microsoft Management Console Files
Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files...
Wikileaks’ Julian Assange Released from U.K. Prison, Heads to Australia
WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five...
Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts
Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with...
4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree
Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in...
Sellafield Pleads Guilty to Historic Cybersecurity Offenses
The organization managing the world’s largest stockpile of plutonium has pleaded guilty to all criminal charges, in a first-of-its-kind case...
Android Users Warned of Rising Malware Threat From Rafel RAT
Security researchers have warned against Rafel, an open-source remote administration tool (RAT) targeting Android devices. The investigation by Check Point Research...
Polish Prosecutors Step Up Probe into Pegasus Spyware Operation
Poland’s new government appears to be ramping up its investigation into allegations that the previous administration used notorious commercial spyware...
China-Based RedJuliett Targets Taiwan in Cyber Espionage Campaign
RedJuliett, a likely Chinese state-sponsored group, conducted cyber espionage campaigns targeting Taiwan from November 2023 to April 2024, according to...
Modular Malware Boolka’s BMANAGER Trojan Exposed
Security researchers from Group-IB have unveiled the operations of a threat actor known as Boolka, whose activities involve deploying sophisticated...
US-CERT Vulnerability Summary for the Week of June 17, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool
Cybersecurity researchers have detailed a now-patch security flaw affecting the Ollama open-source artificial intelligence (AI) infrastructure platform that could be...
