Hacker claims to be selling Twitter data of 400 million users
A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using...
cybersecurity
New info-stealer malware infects software pirates via fake cracks sites
A new information-stealing malware named ‘RisePro’ is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install (PPI) malware...
Hackers exploit bug in WordPress gift card plugin with 50K installs
Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000...
Massive Twitter data leak investigated by EU privacy watchdog
Source: DALL-E The Irish Data Protection Commission (DPC) has launched an inquiry following last month's news reports of a massive Twitter...
The Week in Ransomware – December 23rd 2022 – Targeting Microsoft Exchange
Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate...
North Korea linked threat actors have stolen an estimated billion worth of cryptocurrency and other virtual assets in the past five years
North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past...
The nbsp data breach suffered by LastPass in August may have been more severe than previously thought
The data breach suffered by LastPass in August 2022 may have been more severe than previously thought.In August password management software...
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities.Microsoft Threat Intelligence Center (MSTIC) researchers...
Ghost CMS vulnerable to critical authentication bypass flaw
A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing...
Leading sports betting firm BetMGM discloses data breach
Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed...
DuckDuckGo now blocks Google sign-in pop-ups on all sites
DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it...
Lastpass: Hackers stole customer vault data in cloud storage breach
LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen...
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities.Microsoft Threat Intelligence Center (MSTIC) researchers...
The Vice Society ransomware group has adopted new custom ransomware with a strong encryption scheme in recent intrusions
The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions.SentinelOne researchers discovered...
North Korea linked threat actors have stolen an estimated billion worth of cryptocurrency and other virtual assets in the past five years
North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past...
Brave launches FrodoPIR, a privacy-focused database query system
Brave Software developers have created a new privacy-centric database query system called FrodoPIR that retrieves data from servers without disclosing the...
Vice Society ransomware gang switches to new custom encryptor
The Vice Society ransomware operation has switched to using a custom ransomware encrypt that implements a strong, hybrid encryption scheme...
Comcast Xfinity accounts hacked in widespread 2FA bypass attacks
Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then...
FIN7 hackers create auto-attack platform to breach Exchange servers
The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach...
Google Ad fraud campaign used adult content to make millions
A massive advertising fraud campaign using Google Ads and 'popunders' on adult sites is estimated to have generated millions of...
Okta’s source code stolen after GitHub repositories hacked
Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were...
GodFather Android malware targets 400 banks, crypto exchanges
An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over...
FBI warns of search engine ads pushing malware, phishing
The FBI warns that threat actors are using search engine advertisements to promote websites distributing ransomware or stealing login credentials...
Raspberry Robin worm drops fake malware to confuse researchers
The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers...
