Cloudflare: We never authorized polyfill.io to use our name

Cloudflare, a leading provider of content delivery network (CDN) services, cloud security, and DDoS protection, has warned that it has not authorized the use of its name or logo on the Polyfill.io website, which has recently been caught injecting malware on more than 100,000 websites …


@bleepingcomputer.com | 5 months ago

Chinese Cyberspies Employ Ransomware in Attacks for Diversion

Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft. [...]


@bleepingcomputer.com | 5 months ago

CISA: Most critical open source projects not using memory safe code

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. [...]


@bleepingcomputer.com | 5 months ago

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. [...]


@bleepingcomputer.com | 5 months ago

Windows 10 KB5039299 update released with 10 changes or fixes

The June 2024 optional update for Windows 10 is now available. Today's update brings KB5039299 for Windows 10 version 22H2 and older, with up to nine bug fixes or changes. [...]


@bleepingcomputer.com | 5 months ago

Snowblind malware abuses Android security feature to bypass security

A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. [...]


@bleepingcomputer.com | 5 months ago

Plugins on WordPress.org backdoored in supply chain attack

A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites running them. [...]


@bleepingcomputer.com | 5 months ago

Polyfill.io JavaScript supply chain attack impacts over 100K sites

Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites. [...]


@bleepingcomputer.com | 5 months ago

New Medusa malware variants target Android users in seven countries

The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey. [...]


@bleepingcomputer.com | 5 months ago

Neiman Marcus confirms data breach after hackers attempt to sell database

Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company's database stolen in recent Snowflake data theft attacks. [...]


@bleepingcomputer.com | 5 months ago

FBI warns of fake law firms targeting crypto scam victims

The FBI is warning of cybercriminals posing as law firms and lawyers that offer cryptocurrency recovery services to victims of investment scams and steal funds and personal information. [...]


@bleepingcomputer.com | 5 months ago

P2PInfect botnet targets Redis servers with new ransomware module

P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers. [...]


@bleepingcomputer.com | 5 months ago

Chemical facilities warned of possible data theft in CISA CSAT breach

CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans. [...]


@bleepingcomputer.com | 5 months ago

Chrome for Android tests feature that securely verifies your ID with sites

Google is testing a new feature called "Digital Credential API" for Chrome on Android that will allow websites to request identity information from mobile wallets using Android's IdentityCredential system. [...]


@bleepingcomputer.com | 5 months ago

New attack uses MSC files and Windows XSS flaw to breach networks

A novel command execution technique dubbed 'GrimResource' uses specially crafted MSC (Microsoft Saved Console) and an unpatched Windows XSS flaw to perform code execution via the Microsoft Management Console. [...]


@bleepingcomputer.com | 5 months ago

CoinStats says North Korean hackers breached 1,590 crypto wallets

CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors. [...]


@bleepingcomputer.com | 5 months ago

Microsoft Photos update brings requested features to Windows 11

Microsoft's updated Photos app is now available for Windows 11 in the Windows Insider Program, bringing requested interface changes and better image quality. [...]


@bleepingcomputer.com | 5 months ago

Facebook PrestaShop module exploited to steal credit cards

Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details. [...]


@bleepingcomputer.com | 5 months ago

CDK Global outage caused by BlackSuit ransomware attack

The BlackSuit ransomware gang is behind CDK Global's massive IT outage and disruption to car dealerships across North America, according to multiple sources familiar with the matter. [...]


@bleepingcomputer.com | 5 months ago

Ratel RAT targets outdated Android phones in ransomware attacks

An open-source Android malware named 'Ratel RAT' is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram. [...]


@bleepingcomputer.com | 5 months ago

Los Angeles Unified confirms student data stolen in Snowflake account hack

The Los Angeles Unified School District has confirmed a data breach after threat actors stole student and employee data by breaching the company's Snowflake account. [...]


@bleepingcomputer.com | 5 months ago

US sanctions 12 Kaspersky Lab execs for working in Russian tech sector

The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned twelve Kaspersky Lab executives for operating in the technology sector of Russia. [...]


@bleepingcomputer.com | 5 months ago

UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs

A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named 'Reptile' and 'Medusa' to remain hidden on VMware ESXi virtual machines, allowing them to conduct credential theft, command execution, and lateral movement. [...]


@bleepingcomputer.com | 5 months ago

New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension (MTE) to leak data with over a 95% chance of success, allowing hackers to bypass the security feature. [...]


@bleepingcomputer.com | 5 months ago

New Linux malware is controlled through emojis sent from Discord

A newly discovered Linux malware dubbed 'DISGOMOJI' uses the novel approach of utilizing emojis to execute commands on infected devices in attacks on government agencies in India. [...]


@bleepingcomputer.com | 5 months ago

ASUS warns of critical remote authentication bypass on 7 routers

ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allows remote attackers to log in to devices. [...]


@bleepingcomputer.com | 5 months ago

Microsoft: New Outlook security changes coming to personal accounts

Microsoft has announced new cybersecurity enhancements for Outlook personal email accounts as part of its 'Secure Future Initiative,' including the deprecation of basic authentication (username + password) by September 16, 2024. [...]


@bleepingcomputer.com | 5 months ago

Keytronic confirms data breach after ransomware gang leaks stolen files

PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. [...]


@bleepingcomputer.com | 5 months ago

Mozilla Firefox can now secure access to passwords with device credentials

Mozilla Firefox finally allows you to further protect local access to stored credentials in the browser's password manager using your device's login, including a password, fingerprint, PIN, or other biometrics [...]


@bleepingcomputer.com | 5 months ago

London hospitals cancel over 800 operations after ransomware attack

NHS England revealed today that multiple London hospitals impacted by last week's Synnovis ransomware attack were forced to cancel hundreds of planned operations and appointments. [...]


@bleepingcomputer.com | 5 months ago

CISA warns of Windows bug exploited in ransomware attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs. [...]


@bleepingcomputer.com | 5 months ago

Former IT staff gets 2.5 years for wiping 180 virtual servers

A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. [...]


@bleepingcomputer.com | 5 months ago

Microsoft removes Copilot app ‘incorrectly’ added on Windows PCs

Microsoft says it removed a Copilot app that was "incorrectly" added to Windows 10 and Windows 11 systems in April due to buggy Microsoft Edge updates. [...]


@bleepingcomputer.com | 5 months ago

Scattered Spider hackers switch focus to cloud apps for data theft

The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines. [...]


@bleepingcomputer.com | 5 months ago

Insurance giant Globe Life investigating web portal breach

American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals. [...]


@bleepingcomputer.com | 5 months ago

Microsoft delays Windows Recall amid privacy and security concerns

Microsoft is delaying the release of its AI-powered Windows Recall feature to test and secure it further before releasing it in a public preview on Copilot+ PCs. [...]


@bleepingcomputer.com | 5 months ago

Truist Bank confirms breach after stolen data shows up on hacking forum

Leading U.S. commercial bank Truist confirmed its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company's data for sale on a hacking forum. [...]


@bleepingcomputer.com | 5 months ago

Ascension hacked after employee downloaded malicious file

Ascension, one of the largest U.S. healthcare systems, revealed that a May 2024 ransomware attack was caused by an employee who downloaded a malicious file onto a company device. [...]


@bleepingcomputer.com | 5 months ago

New York Times warns freelancers of GitHub repo data breach

The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024. [...]


@bleepingcomputer.com | 5 months ago

Toronto District School Board hit by a ransomware attack

The Toronto District School Board (TDSB) is warning that it suffered a ransomware attack on its software testing environment and is now investigating whether any personal information was exposed. [...]


@bleepingcomputer.com | 5 months ago

Panera warns of employee data breach after March ransomware attack

U.S. food chain giant Panera Bread is notifying employees of a data breach after unknown threat actors stole their sensitive personal information in a March ransomware attack. [...]


@bleepingcomputer.com | 5 months ago

Exploit for Veeam Recovery Orchestrator auth bypass available, patch now

A proof-of-concept (PoC) exploit for a critical Veeam Recovery Orchestrator authentication bypass vulnerability tracked as CVE-2024-29855 has been released, elevating the risk of being exploited in attacks. [...]


@bleepingcomputer.com | 5 months ago

AWS adds passkeys support, warns root users must enable MFA

Amazon Web Services (AWS) has introduced FIDO2 passkeys as a new method for multi-factor authentication (MFA) to enhance account security and usability. [...]


@bleepingcomputer.com | 5 months ago

Google warns of actively exploited Pixel firmware zero-day

Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. [...]


@bleepingcomputer.com | 5 months ago

CISA warns of criminals impersonating its employees in phone calls

Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money. [...]


@bleepingcomputer.com | 5 months ago

New phishing toolkit uses PWAs to steal login credentials

A new phishing kit has been released that allows red teamers and cybercriminals to create Progressive Web Apps (PWAs) that display convincing corporate login forms to steal credentials. [...]


@bleepingcomputer.com | 5 months ago

Life360 says hacker tried to extort them after Tile data breach

Safety and location services company Life360 says it was the target of an extortion attempt after a threat actor breached and stole sensitive information from a Tile customer support platform. [...]


@bleepingcomputer.com | 5 months ago

Microsoft deprecates Windows DirectAccess, recommends Always On VPN

Microsoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate to the 'Always On VPN' for enhanced security and continued support. [...]


@bleepingcomputer.com | 5 months ago