Google fixes fifth actively exploited Chrome zero-day of 2023
Google has patched the fifth Chrome zero-day vulnerability exploited in attacks since the start of the year in emergency security...
cybersecurity
SSH keys stolen by stream of malicious PyPI and npm packages
A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software...
US and Japan warn of Chinese hackers backdooring Cisco routers
US and Japanese law enforcement and cybersecurity agencies warn of the Chinese 'BlackTech' hackers breaching network devices to install custom...
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families...
Can we fix the weaknesses in password-based authentication?
In password-based authentication, end-users confirm their identity using login credentials, commonly a unique username, and a secret password. These credentials...
SickKids impacted by BORN Ontario data breach that hit 3.4 million
The Hospital for Sick Children, more commonly known as SickKids, is among healthcare providers that were impacted by the recent breach...
New AtlasCross hackers use American Red Cross as phishing lure
A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor...
Google assigns new maximum rated CVE to libwebp bug exploited in attacks
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and...
New ZeroFont phishing tricks Outlook into showing fake AV-scans
Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned...
Hackers actively exploiting Openfire flaw to encrypt servers
Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. Openfire...
Sony investigates cyberattack as hackers fight over who’s responsible
Sony says that it is investigating allegations of a cyberattack this week as different hackers have stepped up to claim responsibility for...
ShadowSyndicate Investigation Reveals RaaS Ties
A recent collaborative investigation by Group-IB Threat Intelligence, Bridewell and threat researcher Michael Koczwara has exposed the existence of a new...
Google is retiring its Gmail Basic HTML view in January 2024
Google is notifying Gmail users that the webmail's Basic HTML view will be deprecated in January 2024, and users will...
BORN Ontario child registry data breach affects 3.4 million people
The Better Outcomes Registry & Network (BORN), a healthcare organization funded by the government of Ontario, has announced that it is...
Xenomorph Android malware now targets U.S. banks and crypto wallets
Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the...
Mixin Network suspends operations following $200 million hack
Mixin Network, an open-source, peer-to-peer transactional network for digital assets, has announced today on Twitter that deposits and withdrawals are...
Fake celebrity photo leak videos flood TikTok with Temu referral codes
TikTok is flooded with videos promoting fake nude celebrity photo leaks used to push referral rewards for the Temu online...
Evasive Gelsemium hackers spotted in attack against Asian govt
A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned...
National Student Clearinghouse data breach impacts 890 schools
U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United...
Air Canada discloses data breach of employee and ‘certain records’
Image Credit: John McArthur (Unsplash) Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident...
New stealthy and modular Deadglyph malware used in govt attacks
A novel and sophisticated backdoor malware named 'Deadglyph' was seen used in a cyberespionage attack against a government agency in...
Hotel hackers redirect guests to fake Booking.com to steal cards
Security researchers discovered a multi-step information stealing campaign where hackers breach the systems of hotels, booking sites, and travel agencies...
T-Mobile denies new data breach rumors, points to authorized retailer
T-Mobile has denied suffering another data breach following Thursday night reports that a threat actor leaked a large database allegedly...
Government of Bermuda links cyberattack to Russian hackers
The Government of British overseas territory Bermuda has linked a cyberattack affecting all its departments' IT systems since Thursday to...
