Cisco phone adapters vulnerable to RCE attacks, no fix available
Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote...
cybersecurity
Brightline data breach impacts 783K pediatric mental health patients
Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware...
Google adds passkeys support for passwordless sign-in on all accounts
Google is rolling out support for passkeys for Google Accounts across all services and platforms, allowing users to sign into...
Researcher hijacks popular Packagist PHP packages to get a job
A researcher hijacked over a dozen Packagist packages—with some having been installed hundreds of millions of times over the course...
Russian hackers use WinRAR to wipe Ukraine state agency’s data
The Russian 'Sandworm' hacking group has been linked to an attack on Ukrainian state networks where WinRar was used to...
Facebook disrupts new NodeStealer information-stealing malware
Facebook discovered a new information-stealing malware distributed on Meta called 'NodeStealer,' allowing threat actors to steal browser cookies to hijack...
Police dismantles Try2Check credit card verifier used by dark web markets
The U.S. Department of Justice announced today the indictment of Russian citizen Denis Gennadievich Kulkov, suspected of running a stolen...
City of Dallas hit by Royal ransomware attack impacting IT services
The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut down some of its IT...
Hackers start using double DLL sideloading to evade detection
An APT hacking group known as "Dragon Breath," "Golden Eye Dog," or "APT-Q-27" is demonstrating a new trend of using...
How To Secure Web Applications Against AI-assisted Cyber Attacks
Artificial intelligence (AI) has brought forth a new era of innovation, with its transformative impact being felt across various industries...
Level Finance crypto exchange hacked after two security audits
Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them...
FBI seizes 9 crypto exchanges used to launder ransomware payments
The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including...
Police operation ‘SpecTor’ arrests 288 dark web drug vendors and buyers
An international law enforcement operation codenamed 'SpecTor' has arrested 288 dark web vendors and customers worldwide, with police seizing €50.8...
1Password explains scary Secret Key and password change alerts
1Password says a recent incident that caused customers to receive notifications about changed passwords was the result of service disruption...
Hackers exploit 5-year-old unpatched flaw in TBK DVR devices
Hackers are actively exploiting an unpatched 2018 authentication bypass vulnerability in exposed TBK DVR (digital video recording) devices. DVRs are...
Hackers leak images to taunt Western Digital’s cyberattack response
The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating...
New LOBSHOT malware gives hackers hidden VNC access to Windows devices
A new malware known as ‘LOBSHOT’ distributed using Google ads allows threat actors to stealthily take over infected Windows devices...
T-Mobile discloses second data breach since the start of 2023
T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds...
Google starts taking down CryptBot malware infrastructure
A court order has been granted to Google to take down the malware infrastructure associated with Cryptbot info stealer after...
Hackers use fake ‘Windows Update’ guides to target Ukrainian govt
The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious...
Hackers target vulnerable Veeam backup servers exposed online
Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile...
Mandiant’s mWISE Event is Where Security’s Best Get Better
Mark your calendar for mWISE™, a global gathering where security’s top practitioners come together to tackle the industry’s biggest challenges....
CISA warns of critical bugs in Illumina DNA sequencing systems
The U.S. Cybersecurity Infrastructure Security Agency (CISA) and the FDA have issued an urgent alert about two vulnerabilities that impact...
Hackers swap stealth for realistic checkout forms to steal credit cards
Hackers are hijacking online stores to display modern, realistic-looking fake payment forms to steal credit cards from unsuspecting customers. These...
