Microsoft: North Korean hackers target Russian govt, defense orgs
Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year....
cybersecurity
Windows cryptomining attacks target graphic designer’s high-powered GPUs
Image: Midjourney Cybercriminals are leveraging a legitimate Windows tool called 'Advanced Installer' to infect the computers of graphic designers with...
Johnson & Johnson discloses IBM data breach impacting patients
Johnson & Johnson Health Care Systems ("Janssen") has informed its CarePath customers that their sensitive information has been compromised in...
Google: State hackers attack security researchers with new zero-day
Google's Threat Analysis Group (TAG) says North Korean state hackers are again targeting security researchers in attacks using at least...
CISA warns of critical Apache RocketMQ bug exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical–severity...
Cisco BroadWorks impacted by critical authentication bypass flaw
A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers...
Iranian hackers breach US aviation org via Zoho, Fortinet bugs
Image: Midjourney State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a...
Google Looker Studio abused in cryptocurrency phishing attacks
Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account...
Apple zero-click iMessage exploit used to infect iPhones with spyware
Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a...
Zero-Day Flaw Exposes Atlas VPN User IPs
A Reddit user known as “Educational-Map-8145” has exposed a critical zero-day flaw affecting the Linux client of Atlas VPN, a popular...
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that...
Toyota says filled disk storage halted Japan-based factories
Image: Midjourney Toyota says a recent disruption of operations in Japan-based production plants was caused by its database servers running...
Flipper Zero can be used to launch iOS Bluetooth spam attacks
The Flipper Zero portable wireless pen-testing and hacking tool can be used to aggressively spam Bluetooth connection messages at Apple...
Mirai variant infects low-cost Android TV boxes for DDoS attacks
Image: Midjourney A new Mirai malware botnet variant has been spotted infecting inexpensive Android TV set-top boxes used by millions...
September Android updates fix zero-day exploited in attacks
The September 2023 Android security updates tackle 33 vulnerabilities, including a zero-day bug currently targeted in the wild. This high-severity...
How SMEs can use Wazuh to improve cybersecurity
Cybersecurity has become a crucial concern for businesses of all sizes and sectors in today's digital era. Cyber attacks are...
University of Michigan requires password resets after cyberattack
On Tuesday, the University of Michigan (UMICH) warned staff and students that they must reset their account passwords after a...
Continuous Security: PTaaS Bridges the Gap within Application Security
Pen testing, also known as "ethical hacking," involves a team of cybersecurity professionals tasked to test the resilience of an organization's...
Coffee Meets Bagel says recent outage caused by destructive cyberattack
The Coffee Meets Bagel dating platform confirms last week's outage was caused by hackers breaching the company's systems and deleting...
Crypto casino Stake.com loses $41 million to hot wallet hackers
Image: Midjourney Online cryptocurrency casino Stake.com announced that its ETH/BSC hot wallets had been compromised to perform unauthorized transactions, with...
Atlas VPN zero-day vulnerability leaks users’ real IP address
An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website....
Chaes malware now uses Google Chrome DevTools Protocol to steal data
The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools...
ASUS routers vulnerable to critical remote code execution flaws
Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices...
Mend.io SAML Vulnerability Exposed
WithSecure has unveiled a new security vulnerability in Mend.io’s application security platform today, raising concerns about data privacy and potential...
