Mur d'images - Cyberveille

curated by Decio

Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking

Revealed: Israel demanded Google and Amazon use secret ‘wink’ to sidestep legal orders

Three suspected developers of Meduza Stealer malware arrested in Russia

CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware | TechCrunch

TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition

Sweden’s power grid operator confirms data breach claimed by ransomware gang

Infostealers Disguised as Free Video Game Cheats

How we linked ForumTroll APT to Dante spyware by Memento Labs

Google and Check Point nuke massive YouTube malware network

Key IOCs for Pegasus and Predator Spyware Cleaned With iOS 26 Update

LockBit Returns — and It Already Has Victims

Unseeable prompt injections in screenshots: more vulnerabilities in Comet and other AI browsers

ToolShell Used to Compromise Telecoms Company in Middle East

Hacking Formula 1: Accessing Max Verstappen's passport and PII through FIA bugs

Apple alerts exploit developer that his iPhone was targeted with government spyware | TechCrunch

Two months later, gov't admits hackers accessed internal platforms, digital certificates

A Retrospective Survey of 2024/2025 Open Source Supply Chain Compromises

Nintendo allegedly hacked by Crimson Collective hacking group — screenshot shows leaked folders, production assets, developer files, and backups

Massive Pokemon leak purportedly covers gen 10 games, scrapped Z-A ideas

F5 says hackers stole undisclosed BIG-IP flaws, source code

Supply Chain Risk in VSCode Extension Marketplaces

Have plans on paper in case of cyber-attack, firms told

Hackers can steal 2FA codes and private messages from Android phones

A major evolution of Apple Security Bounty, with the industry's top awards for the most advanced research

Microsoft violated EU law in handling of kids’ data, Austrian privacy regulator finds | The Record from Recorded Future News

Minister of Economic Affairs invokes Goods Availability Act | News item | Government.nl

Spain dismantles “GXC Team” cybercrime syndicate, arrests leader

US law firm with major political clients hacked in spying spree linked to China

Discord says 70,000 users may have had their government IDs leaked in breach | The Verge

North Korean agents pretending to be IT guys have funneled up to $1 billion into Kim Jong Un's nuclear program | Fortune

I Won a Class Action Lawsuit Against a Parking App. They Gave Me a $1 Credit

Hacker group Black Mirror releases first batch of Rostec files detailing Russia’s international military deals and sanctions evasion schemes

Renault's UK customers told to be vigilant after cyber-attack

CVE-2025-59489: Arbitrary Code Execution in Unity Runtime

Scattered LAPSUS$ Hunters Ransomware Group Claims New Victims on New Website

Submarine cable security is all at sea

Cybersecurity Training Programs Don’t Prevent Employees from Falling for Phishing Scams

NIRS fire destroys government's cloud storage system, no backups available

Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks

Munich Airport Drone Sightings Force Flight Cancellations, Adding To Wave Of European Incidents

Hacking group claims theft of 1 billion records from Salesforce customer databases | TechCrunch

GreyNoise detects 500% surge in scans targeting Palo Alto Networks portals

Update on a Security Incident Involving Third-Party Customer Service

'Delightful' Red Hat OpenShift AI bug allows full takeover

ShinyHunters launches Salesforce data leak site to extort 39 victims

Security update: Incident related to Red Hat Consulting GitLab instance

Red Hat confirms security incident after hackers claim GitHub breach

Microsoft’s new Security Store is like an app store for cybersecurity | The Verge

Security Alert: Malicious 'postmark-mcp' npm Package Impersonating Postmark | Postmark

CVE-2025-24085

From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion

You name it, VMware elevates it (CVE-2025-41244)

'You'll never need to work again': Criminals offer reporter money to hack BBC

Record fraud crackdown saves half a billion for public services

Netherlands: Two teenagers arrested in spying case linked to Russia

Viral call-recording app Neon goes dark after exposing users' phone numbers, call recordings, and transcripts

Microsoft blocks Israel’s use of its technology in mass surveillance of Palestinians | Israel | The Guardian

SonicWall releases SMA100 firmware update to wipe rootkit malware

Man arrested in connection with cyber-attack on airports

EU cyber agency says airport software held to ransom by criminals

What happens when a cybersecurity company gets phished? – Sophos News

Our plan for a more secure npm supply chain

'Capable actor' behind drones at Copenhagen airport

Alleged Scattered Spider member turns self in to Las Vegas police

Cybercriminals Have a Weird New Way to Target You With Scam Texts | WIRED

Flight delays continue across Europe after weekend cyber-attack

CopyCop Deepens Its Playbook with New Websites and Targets

Two teenage suspected Scattered Spider members charged in UK over TfL hack

Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service

Attorney General Schwalb Sues Crypto ATM Operator for Financially Exploiting District Residents

Google confirms fraudulent account created in law enforcement portal

Jaguar Land Rover: Some suppliers 'face bankruptcy' due to hack crisis

FBI warns of Scattered Spider and ShinyHunters attacks on Salesforce platforms

Update: Kering confirms Gucci and other brands hacked; claims no conversations with hackers?

China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats

Lovesac confirms data breach after ransomware attack claims

Swiss government looks to undercut privacy tech, stoking fears of mass surveillance

‘Partygate,’ a Russian threat and reality TV: What hackers found in Boris Johnson leak

Vietnam’s national credit registration and reporting agency hacked; most of the population affected – DataBreaches.Net

Jeremy Clarkson revealed hackers stole £27,000 from his pub

Major blood center says thousands had data leaked in January ransomware attack

European crypto platform SwissBorg to reimburse users after $41 million theft

SessionReaper, unauthenticated RCE in Magento & Adobe Commerce (CVE-2025-54236)

SAP fixes maximum severity NetWeaver command execution flaw

ICE reactivates contract with spyware maker Paragon

SaaS giant Workiva discloses data breach after Salesforce attack

Tech war: Huawei executive claims victory over US sanctions with computing, AI ecosystem

A Primer on Forensic Investigation of Salesforce Security Incidents

Jaguar Land Rover production severely hit by cyber attack

Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft Drift breach - Help Net Security

Hexstrike-AI: LLM Orchestration Driving Real-World Zero-Day Exploits

Cloudflare hit by data breach in Salesloft Drift supply chain attack

Spanish government cancels €10m contract using Huawei equipment

U.S. Government Seizes Online Marketplaces Selling Fraudulent Identity Documents Used in Cybercrime Schemes

Salesloft Drift Supply Chain Incident: Key Details and Zscaler’s

OpenAI Says It's Scanning Users' ChatGPT Conversations and Reporting Content to the Police

Amazon disrupts watering hole campaign by Russia’s APT29

UK and allies expose China-based technology companies for enabling global cyber campaign against critical networks

State-Sponsored Hackers Behind Majority of Vulnerability Exploits - Infosecurity Magazine

Root - CVE-2025-48384: Critical Git Vulnerability Actively Exploited

WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch

Velociraptor incident response tool abused for remote access

Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier

Thousands of Developer Credentials Stolen in macOS “s1ngularity” Attack

Swiss hospitals join forces against cyber-attacks - SWI swissinfo.ch

Euro banks block 'unauthorized' PayPal direct debits

Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet

Android Developers Blog: A new layer of security for certified Android devices

Microsoft Asked FBI for Help Tracking Palestinian Protests

Farmers Insurance data breach impacts 1.1M people after Salesforce attack

Intel and Trump Administration Reach Historic Agreement to Accelerate American Technology and Manufacturing Leadership

Limiting Onmicrosoft Domain Usage for Sending Emails

Uzbekistan airline hack reveals data on U.S. government employees

Attackers claim they hacked Nissan's design studio and stole 4TB of data

Inside the Lab-Dookhtegan Hack: How Iranian Ships Lost Their Voice at Sea

Tech war: Huawei unveils algorithm that could cut China’s reliance on foreign memory chips

Developer jailed for malware that took out his employer

Intel Outside: Hacking every Intel employee and various internal websites

Serial hacker who defaced official websites is sentenced

Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials

Hackers who exposed North Korean government hacker explain why they did it | TechCrunch

Speed cameras knocked out after cyber attack

Microsoft cuts off China's early access to bug disclosures

Think before you Click(Fix): Analyzing the ClickFix social engineering technique | Microsoft Security Blog

Apple fixes zero-day vulnerability exploited in "extremely sophisticated attack" (CVE-2025-43300)

Elon Musk’s xAI Published Hundreds Of Thousands Of Grok Chatbot Conversations

When Safe Links Become Unsafe: How Raven AI Caught Attackers Weaponizing Cisco's URL Rewriting | RavenMail

Preventing Domain Resurrection Attacks

TPG Telecom reveals iiNet order management system breached

Poland foiled cyberattack on big city's water supply, deputy PM says

NIST Guidelines Can Help Organizations Detect Face Photo Morphs, Deter Identity Fraud

Huawei's reach in Spain sparks widespread concern over state infiltration

How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories

Dissecting PipeMagic: Inside the architecture of a modular backdoor framework

Grok Exposes Underlying Prompts for Its AI Personas: ‘EVEN PUTTING THINGS IN YOUR ASS’

Cyber Invasion: 300 auto recyclers victims in ransomware attack

Mac.c Stealer Takes on AMOS:A New Rival Shakes Up the macOS Infostealer Market | HackerNoon

AT&T may pay customers up to $7,500 in $177 million data breach settlement

HMRC staff spying on taxpayers and accessing records without permission

When LLMs autonomously attack

Buttercup is now open-source!

Exclusive: US embeds trackers in AI chip shipments to catch diversions to China, sources say

Hackers Breach Canadian Government Via Microsoft Exploit

Russian hackers took control of Norwegian dam, police chief says

Hackers leak Allianz Life data stolen in Salesforce attacks

MuddyWater’s DarkBit ransomware cracked for free data recovery

Security flaws in a carmaker's web portal let one hacker remotely unlock cars from anywhere

Dutch Prosecutors Recover From Suspected Russian Hack

Google discovered a new scam—and also fell victim to it

Germany’s top court holds that police can only use spyware to investigate serious crimes

Insurance won't cover $5M in City of Hamilton claims for cyberattack, citing lack of log-in security

Millions of cars at risk from Flipper Zero key fob hack, experts warn

Microsoft warns of high-severity flaw in hybrid Exchange deployments

KLM, Air France latest major orgs to have data looted

SharePoint Exploit: Microsoft Used China-Based Engineers to Maintain the Software

Hospital fined after patient files used as snack bags

Exclusive: Confidential informants exposed in Louisiana sheriff's office hack

Breaking NVIDIA Triton: CVE-2025-23319 - A Vulnerability Chain Leading to AI Server Takeover

SonicWall urges customers to take VPN devices offline after ransomware incidents

Google says its AI-based bug hunter found 20 security vulnerabilities

OpenAI removes ChatGPT feature after private conversations leak to Google search

Leading phone repair and insurance firm collapses after paying crippling ransomware demand — Cutting 100+ employees to just eight wasn’t enough

Ransomware attacks cripple government services across Dutch Caribbean islands | NL Times

Patents by Silk Typhoon-linked company shed light on Beijing’s offensive hacking capabilities

PyPI Users Email Phishing Attack

More than 90 state, local governments targeted using Microsoft SharePoint vulnerability, group says

Naming country linked to UNC3886 attack not in Singapore’s best interest at this point in time: Shanmugam

Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage | The Record from Recorded Future News

AI slop and fake reports are coming for your bug bounty programs

Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats

Swiss army funds sovereign satellite network scheme

An important update (and apology) on our PoisonSeed blog

Ukrainian intelligence crashes Russian occupation servers in Crimea

Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers

Tea app hacked: 13,000 photos leaked after 4chan call to action

Pro-Ukrainian hackers claim massive cyberattack on Russia's Aeroflot

Arizona woman sentenced to 8.5 years for running North Korean laptop farm

Hacker Plants Computer 'Wiping' Commands in Amazon's AI Coding Agent

Amazon AI coding agent hacked to inject data wiping commands

Blame a leak for Microsoft SharePoint attacks: researcher

Renting Android Malware Is Getting Easier and Cheaper

China rolls out ‘voluntary’ cyber ID system amid concerns over privacy, censorship | South China Morning Post

Clorox accuses IT provider in lawsuit of giving hackers employee passwords | Reuters

Aptly Named: How the Leakzone Exposed Access Logs

Microsoft exec admits it 'cannot guarantee' data sovereignty

BlackSuit ransomware leak sites seized in Operation Checkmate

Disrupting active exploitation of on-premises SharePoint vulnerabilities | Microsoft Security Blog

Inside DDoSia: NoName057(16)’s Pro-Russian DDoS Campaign Infrastructure

Weak password allowed hackers to sink a 158-year-old company

npm 'accidentally' removes Stylus package, breaks builds and pipelines

Lumma infostealer malware returns after law enforcement disruption

Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows

Wartime cyberattack wiped data from two major Iranian banks, expert says | Iran International

Russian vodka producer reports disruptions after ransomware attack | The Record from Recorded Future News

A Startup is Selling Data Hacked from Peoples’ Computers to Debt Collectors

Dior begins sending data breach notifications to U.S. customers

How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyberspies

Lookout Discovers Massistant Chinese Mobile Forensic Tooling

Microsoft Confirms Ongoing Mass SharePoint Attack — No Patch Available

Air Serbia delays staff payslips due to ongoing cyberattack

Seychelles Commercial Bank Confirms Customer Data Breach

Ransomware attack disrupts Korea's largest guarantee insurer - The Korea Herald

Remote Input Injection vulnerability in Air Keyboard iOS App Still Unpatched

Global operation targets NoName057(16) pro-Russian cybercrime network – The offenders targeted Ukraine and supporting countries, including many EU Member States

US National Guard unit was 'extensively' hacked by Salt Typhoon in 2024, memo says

Grok 4 Without Guardrails? Total Safety Failure. We Tested and Fixed Elon’s New Model.

Thousands of Afghans relocated to UK under secret scheme after data leak

Microsoft “Digital Escorts” Could Expose Defense Dept. Data to Chinese Hackers — ProPublica

Chinese chipmaker Sophgo adapts compute card for DeepSeek in Beijing’s self-reliance push | South China Morning Post

Bitcoin Depot breach exposes data of nearly 27,000 crypto users

Critical-Vulnerabilities-in-Network Detective

France launches criminal investigation into Musk’s X over algorithm manipulation

Cyber crooks jump on .es domain for credential phishing trip •

Data Leaks from the Chinese Hacking-for-Hire Industry

Four arrested by UK police over ransomware attacks on M&S, Co-op and Harrods

Data Brokers are Selling Your Flight Information to CBP and ICE

New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages

French intel chief warns of evolving Russian hybrid operations, ‘existential threat’ to Europe | The Record from Recorded Future News

Canadian media giant Rogers named as victim of Chinese telecom hackers - Nextgov/FCW

Would you like an IDOR with that? Leaking 64 million McDonald’s job applications

11 Google-Verified Chrome Extensions Infected Over 1.7 Million Users

Enterprise Software Extension Security & Management Platform

Critical Vulnerabilities in KIA Infotainment Let Attackers Inject Code with PNG Files

New Hpingbot Exploits Pastebin for Payload Delivery and Uses Hping3 for DDoS Attacks

Malvertising Campaign Delivers Oyster/Broomstick Backdoor via SEO Poisoning and Trojanized Tools

Atomic macOS infostealer adds backdoor for persistent attacks

SEC and SolarWinds Seek Settlement in Securities Fraud Case

Ingram Micro outage caused by SafePay ransomware attack

Netflix, Apple, BofA sites hijacked with fake help numbers

Hacktivists' Claimed Breach of Nuclear Secrets Debunked

Johnson Controls starts notifying people affected by 2023 breach

Ransomware gang attacks German charity that feeds starving children

Data breach reveals Catwatchful 'stalkerware' is spying on thousands of phones

Cyberattack on Brazil tech provider affects reserve accounts of some financial institutions

A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of Cyberattacks Right Now

NimDoor crypto-theft macOS malware revives itself when killed

Cisco warns that Unified CM has hardcoded root SSH credentials

Spain arrests hackers who targeted politicians and journalists

NetScaler Critical Security Updates for CVE-2025-6543 and CVE-2025-5777

FBI Warning on IoT Devices: How to Tell If You Are Impacted

Iran-linked hackers threaten to release Trump aides' emails

Treasury Sanctions Global Bulletproof Hosting Service Enabling Cybercriminals and Technology Theft

Chrome 0-Day Flaw Exploited in the Wild to Execute Arbitrary Code

The People's Liberation Army Cyberspace Force

Unveiling RIFT: Enhancing Rust malware analysis through pattern matching

Swiss government affected by cyberattack on health foundation

Dozens of pro-Indy accounts go dark after Israeli strikes

Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

Norwegian Dam Valve Forced Open for Hours in Cyberattack

Hide Your RDP: Password Spray Leads to RansomHub Deployment

DeepSeek faces ban from Apple, Google app stores in Germany | Reuters

Denmark to tackle deepfakes by giving people copyright to their own features

Hawaiian Airlines discloses cyberattack, flights not affected

Pre-Auth Flaw in MongoDB Server Allows Attackers to Cause DoS

Scale AI exposed sensitive data about clients like Meta and xAI in public Google Docs, BI finds

Microsoft 365 'Direct Send' abused to send phishing as internal users

CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks

OWASP Agentic AI Top 10 Vulnerability Scoring System (AIVSS) & Comprehensive AI Security Framework

Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace

Surge in MOVEit Transfer Scanning Activity Could Signal Emerging Threat Activity

16% of Swiss federal politicians have data on dark web

NATO summit commences in tandem with tense cyber, kinetic…

Hacktivists Launch DDoS Attacks at U.S. Following Iran Bombings

Echo Chamber: A Context-Poisoning Jailbreak That Bypasses LLM Guardrails

Exclusive: DeepSeek aids China's military and evaded export controls, US official says

UK watchdog fines 23andMe over 2023 data breach

UBS Employee Data Reportedly Exposed in Third Party Attack

No, the 16 billion credentials leak is not a new data breach

CoinMarketCap Briefly Exploited With Wallet Phishing Pop-Up Message

‘States don’t do hacking for fun’: NCSC expert urges businesses to follow geopolitics as defensive strategy

CVE-2025-49763 - Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin

Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic

Iran's government says it shut down internet to protect against cyberattacks

Health ministry’s information system hit by ransomware attack – TALANOA 'O TONGA

India's TCS says none of its systems were compromised in M&S hack | Reuters

Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks | Qualys

130,000 UBS employees affected: Hackers publish Ermotti's phone number on the darknet

Kremlin-affiliated outlets find digital ally in Colombia's oldest guerrilla group

GreyNoise Observes Exploit Attempts Targeting Zyxel CVE-2023-28771

10K Records Allegedly from Mac Cloud Provider’s Customers Exposed Online

Pro-Israel hacktivist group claims responsibility for alleged Iranian bank hack

New permission prompt for Local Network Access

KB4743: Vulnerabilities Resolved in Veeam Backup & Replication 12.3.2

A Wretch Client: From ClickFix deception to information stealer deployment — Elastic Security Labs

Police seizes Archetyp Market drug marketplace, arrests admin

Coming to Apple OSes: A seamless, secure way to import and export passkeys

Hackers take aim at Washington Post journalists in an apparent ‘targeted’ cyberattack | CNN Business

World Leaks: An Extortion Platform

Over 46,000 Grafana instances exposed to account takeover bug

Sweden under cyberattack: Prime minister sounds the alarm - Euractiv

Predator Spyware Resurgence: Insikt Group Exposes New Global Infrastructure

Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted

Apple fixes new iPhone zero-day bug used in Paragon spyware hacks

That DeepSeek installer you just clicked? It's malware

Hackers exploited Windows WebDav zero-day to drop malware

Echoleak Blogpost

Down the Rabbit Hole of Unicode Obfuscation

20,000 malicious IPs and domains taken down in INTERPOL infostealer crackdown

Microsoft Outlook to block more risky attachments used in attacks

Telegram, the FSB, and the Man in the Middle

Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of Top Tier Targets

NGO warns FSB has gained access to Russians’ communication with Ukrainian Telegram channel bots — Novaya Gazeta Europe

Splunk Universal Forwarder on Windows Lets Non-Admin Users Access All Contents

iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S.

EU launches EU-based, privacy-focused DNS resolution service

Major food wholesaler says cyberattack impacting distribution systems

Cybercriminals Are Hiding Malicious Web Traffic in Plain Sight

The Cost of a Call: From Voice Phishing to Data Extortion

Hackers Leak 86 Million AT&T Records with Decrypted SSNs

Hacker selling critical Roundcube webmail exploit as tech info disclosed

Cisco warns of ISE and CCP flaws with public exploit code

Victims risk AsyncRAT infection after being redirected to fake Booking.com sites

International operation results in arrest of 22 men in Nigeria for sextortion | Australian Federal Police

Malaysian home minister’s WhatsApp hacked, used to scam contacts

Vanta bug exposed customers' data to other customers | TechCrunch

Announcing a new strategic collaboration to bring clarity to threat actor naming | Microsoft Security Blog

50,000+ Azure AD Users Exposed via Unsecured API: BeVigil Uncovers Critical Flaw | CloudSEK

Official Root Cause Analysis (RCA) for SentinelOne Global Service Interruption

CVE-2025-32756: Fortinet RCE Exploited in the Wild

Hidden Bear: The GRU hackers of Russia’s most notorious kill squad

Google Online Security Blog: Sustaining Digital Certificate Security - Upcoming Changes to the Chrome Root Store

Lumma Infostealer – Down but Not Out?

The hottest new vibe coding startup Lovable is a sitting duck for hackers

Dero miner spreads inside containerized Linux environments | Securelist

Czech Republic says China behind cyberattack on ministry, embassy rejects accusations | Reuters

New Russia-affiliated actor Void Blizzard targets critical sectors for espionage

Victoria's Secret hit by outages as it battles security incident | TechCrunch

Tracking AyySSHush: a Newly Discovered ASUS Router Botnet Campaign

Lyrix Ransomware

UK to deliver pioneering battlefield system and bolster cyber warfare capabilities under Strategic Defence Review

Update on May 29 Outage

ConnectWise Confirms ScreenConnect Cyberattack, Says Systems Now Secure: Exclusive

DragonForce actors target SimpleHelp vulnerabilities to attack MSP, customers – Sophos News

Estonia launches international search for Moroccan citizen wanted over data theft

AyySSHush: Tradecraft of an emergent ASUS botnet

GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers

DragonForce ransomware abuses SimpleHelp in MSP supply chain attack

Exclusive: Tiffany confirms data breach in South Korea following Dior incident

ModSecurity Vulnerability Exposes Millions of Web Servers to Severe DoS Condition

Threat of TCC Bypasses on macOS

Fake Zenmap. WinMRT sites target IT staff with Bumblebee malware

SVGs: the hacker’s canvas

SVG Phishing Malware Being Distributed with Analysis Obstruction Feature

How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation

Arla Foods confirms cyberattack disrupts production, causes delays

Microsoft’s AI security chief accidentally reveals Walmart’s AI plans after protest

Swiss arrest in European dark net raid - SWI swissinfo.ch

TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead

Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE

Unit 42 Develops Agentic AI Attack Framework

How Adversary Telegram Bots Help to Reveal Threats: Case Study - ANY.RUN's Cybersecurity Blog

Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware

How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes

You're Invited: Delivering malware via Google Calendar invites and PUAs

Twilio denies breach following leak of alleged Steam 2FA codes

Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own

US man who hacked SEC's X account to spike Bitcoin price sentenced to prison | TechCrunch

Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)

Trump's sanctions on ICC prosecutor have halted tribunal's work

EU bug database fully operational as US slashes infosec

Open-source toolset of an Ivanti CSA attacker

Breaking Out of Restricted Mode: XSS to RCE in Visual Studio Code

Ivanti warns of critical Neurons for ITSM auth bypass flaw

China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures

Excel(ent) Obfuscation: Regex Gone Rogue

ETH Zurich researchers discover new security vulnerability in Intel processors | ETH Zurich

COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs

Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines

Marks & Spencer hackers appear to protect ‘former Soviet states’ from attacks | The Observer

Can You Really Trust That Permission Pop-Up On macOS? (CVE-2025-31250) | Watch This Space

Marks & Spencer confirms customers' personal data was stolen in hack | TechCrunch

Dior’s China data breach exposes elite clients

Hackers now testing ClickFix attacks against Linux targets

Threat Brief: CVE-2025-31324

[CVE-2025-37752] Two Bytes Of Madness: Pwning The Linux Kernel With A 0x0000 Written 262636 Bytes Out-Of-Bounds

RATatouille: A Malicious Recipe Hidden in rand-user-agent (Supply Chain Compromise)

UK pioneering global move away from passwords

Schneier warns that AI loses integrity due to corporate bias

Malicious PyPI Package Targets Discord Developers with Remot...

DOGE software engineer’s computer infected by info-stealing malware - Ars Technica

Microsoft Dynamics 365 Customer Voice Phishing Scam

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

On Lockbit's plaintext passwords

NSO Group must pay more than $167 million in damages to WhatsApp for spyware campaign | TechCrunch

LockBit ransomware gang hacked, victim negotiations exposed

DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains | Europol

Police takes down six DDoS-for-hire services, arrests admins

Evil Deno: Abusing the Nicest JavaScript Runtime: Taggart Tech

Sharp rise in reported cyber incidents in Switzerland

Signal clone used by Trump official stops operations after report it was hacked

wget to Wipeout: Malicious Go Modules Fetch Destructive Payload

Linux wiper malware hidden in malicious Go modules on GitHub

CVE-2024-7399

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

DragonForce Ransomware Gang | From Hacktivists to High Street Extortionists

Backdoor found in popular ecommerce components

Exposing Darcula: a rare look behind the scenes of a global Phishing-as-a-Service operation

I StealC You: Tracking the Rapid Changes To StealC

macOS Vulnerabilities: A Year of Security Research at Kandji

The Signal Clone the Trump Admin Uses Was Hacked

MCP Prompt Injection: Not Just For Evil

Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today's Adversaries | SentinelOne

Eight countries launch Operational Taskforce to tackle violence-as-a-service

Hitachi Vantara takes servers offline after Akira ransomware attack

NCSC statement: Incident impacting retailers

Ransomware attacks on food and agriculture industry have doubled in 2025 | The Record from Recorded Future News

SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA (CVE-2023-44221, CVE-2024-38475)

Harrods is latest retailer to be hit by cyber-attack | Harrods | The Guardian

Active Subscription Scam Campaigns Flooding the Internet

Ledger scammers are sending letters to steal seed phrases

Grafana security update: no customer impact from GitHub workflow vulnerability

Using Trusted Protocols Against You: Gmail as a C2 Mechanism...

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.

TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks

Some M&S stores left with empty shelves after cyber attack

Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis

Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs

Navigating Through The Fog

Did 5G kill the IMSI catcher?

Despite Recent Security Hardening, Entra ID Synchronization Feature Remains Open for Abuse

European Parliament’s Iran delegation chair victim of Tehran-linked hacking

British firms urged to hold video or in-person interviews amid North Korea job scam | Technology | The Guardian

CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide

2025 Q1 Trends in Vulnerability Exploitation | Blog | VulnCheck

Proton66 Part 1: Mass Scanning and Exploit Campaigns

A Chinese AI video startup appears to be blocking politically sensitive images | TechCrunch

M&S stops online orders and issues refunds after cyber attack

Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations | Trend Micro (US)

Fake GIF Leveraged in Multi-Stage Reverse-Proxy Card Skimming Attack

SAP fixes suspected Netweaver zero-day exploited in attacks

Largest telecom in Africa warns of cyber incident exposing customer data | The Record from Recorded Future News

How to steal the internet

StarCraft 2 Hackers Forcing Players To Watch Shooting Videos

ReliaQuest Uncovers Potential New Vulnerability in SAP NetWeaver

UK bans export of video game controllers to Russia to hinder attack drone pilots

Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)

9X Surge in Ivanti Connect Secure Scanning Activity

JFrog Detects Malicious PyPi package Stealing Crypto Tokens

International investigation disrupts phishing-as-a-service platform LabHost

Emerging Phishing Techniques: New Threats and Attack Vectors

DslogdRAT Malware Installed in Ivanti Connect Secure

The State of Ransomware in the First Quarter of 2025: Record-Breaking 126% Spike in Public Extortion Cases

Cookie-Bite: How Your Digital Crumbs Let Threat Actors Bypass MFA and Maintain Access to Cloud Environments

Incident update: Mitigating a DDoS attack on April 21, 2025

XRP supply chain attack: Official NPM package infected with crypto stealing backdoor

Thousands of Baltimore students, teachers affected by data breach following February ransomware attack

Cisco Webex bug lets hackers gain code execution via meeting links

Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows

Google Spoofed Via DKIM Replay Attack

Phishers abuse Google OAuth to spoof Google in DKIM replay attack

Widespread Microsoft Entra lockouts tied to new security feature rollout

SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation

npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors

Silicon Valley crosswalk buttons hacked to imitate Musk, Zuckerberg's voices

Is Ivanti the problem or a symptom of a systemic issue with network devices?

Threat actors misuse Node.js to deliver malware and other malicious payloads | Microsoft Security Blog

PasivRobber: Chinese Spyware or Security Tool?

The Ever-Evolving Threat of the Russian-Speaking Cybercriminal Underground | Trend Micro (US)

MITRE warns that funding for critical CVE program expires today

China accuses NSA of launching cyberattacks on Asian Winter Games

SSL/TLS certificates will last 47 days max by 2029

Hack The Sandbox: Unveiling the Truth Behind Disappearing Artifacts - Researcher Blog - ITOCHU Cyber & Intelligence Inc.

Exploitation of CLFS zero-day leads to ransomware activity

Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs - Ars Technica

Searching for something unknow

Darknet’s Xanthorox AI Offers Customizable Tools for Hacker

Gamaredon's Evolving Cyber Threats: A Closer Look

OCC Notifies Congress of Incident Involving Email System

Hackers breach Morocco's social security database in unprecedented cyberattack

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Germany suspects Russian cyber attack on research group

Algerian hackers leak sensitive data from Morocco's CNSS and Ministry of Employment

The Rise of Slopsquatting: How AI Hallucinations Are Fueling a New Class of Supply Chain Attacks

OpenAI helps spammers plaster 80,000 sites with messages that bypassed filters

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale

Police detains Smokeloader malware customers, seizes servers

CVE-2025-22457

Popular French retailers confirm hackers stole customer data

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

A miner and the ClipBanker Trojan being distributed via SourceForge | Securelist

NCSC issues warning over Chinese Moonshine and BadBazaar spyware

Don't open that file in WhatsApp for Windows just yet

Anatomy of an LLM RCE

EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher

Russia arrests CEO of tech company linked to Doppelgänger disinformation campaign

Carding tool abusing WooCommerce API downloaded 34K times on PyPI

Someone hacked ransomware gang Everest’s leak site

British Army and Royal Navy hit by cyberattacks from pro-Russian and pro-Palestinian hackers | The Standard

IngressNightmare | Critical Unauthenticated RCE Vulnerabilities in Kubernetes Ingress NGINX

Google Online Security Blog: Google announces Sec-Gemini v1, a new experimental cybersecurity model

One Time Pwnage: SEAL Releases Advisory On SLOVENLY COMET

Someone is trying to recruit security researchers in bizarre hacking campaign | TechCrunch

Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats

TTP - Apple Offers Apps With Ties to Chinese Military

Outlaw Linux Malware: Persistent, Unsophisticated, and Surprisingly Effective — Elastic Security Labs

Oracle privately confirms Cloud breach to customers

Global crackdown on Kidflix, a major child sexual exploitation platform with almost two million users | Europol

PhaaS actor uses DoH and DNS MX to dynamically distribute phishing

It takes two: The 2025 Sophos Active Adversary Report

Hacktivists Target France Over Diplomatic Moves

Russian Hacktivists Target Energy And Water Infrastructure

Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks

Apple belatedly fixes exploited flaws in older OSes

Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic

CrushFTP Authentication Bypass - CVE-2025-2825

Fake Zoom Ends in BlackSuit Ransomware

ClickFix: Another Deceptive Social Engineering Technique

Pulling the Threads on the Phish of Troy Hunt

TCCing is Believing

Hidden Malware Strikes Again: Mu-Plugins Under Attack

Ransomware crews add EDR killers to their arsenal

Oracle Health breach compromises patient data at US hospitals

SAMLStorm: Critical Authentication Bypass in xml-crypto and Node.js libraries

Malware found on npm infecting local package with reverse shell

CVE-2025-29927: Next.js Middleware Authorization Bypass

Micropatches released for SCF File NTLM Hash Disclosure Vulnerability (0day)

GorillaBot: Technical Analysis and Code Similarities with Mirai

Troy Hunt: A Sneaky Phish Just Grabbed my Mailchimp Mailing List

VanHelsing, new RaaS in Town

Weaver Ant: Tracking a China-Nexus Cyber Espionage Operation

Chinese hackers spent four years inside Asian telco’s networks

VanHelsing Ransomware

Resurgence of In-The-Wild Activity Targeting Critical ServiceNow Vulnerabilities

Oracle denies breach after hacker claims theft of 6 million data records

Large enterprises scramble after supply-chain attack spills their secrets

How to find Next.js on your network

Next.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization Bypass - ZeroPath Blog

Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware

SSD Advisory - Linux kernel hfsplus slab-out-of-bounds Write - SSD Secure Disclosure

Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440

VSCode extensions found downloading early-stage ransomware

Critical Veeam Backup & Replication CVE-2025-23120

Virtue or Vice? A First Look at Proliferating Spyware Operations

Secure Annex - Enterprise Browser Extension Security & Management Platform

Over 16.8 Billion Records Exposed as Data Breaches Increase 6%

Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping....

Facial Recognition Injection Attacks - An Overview

Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs

Akira ransomware can be cracked with sixteen RTX 4090 GPUs in around ten hours — new counterattack breaks encryption | Tom's Hardware

Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices

ICANN moves to retire Soviet-era .SU country domain name - Domain Name Wire

Exclusive: Hackers claim cyber attack on Trump winery, golf courses

NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption

North Korean government hackers snuck spyware on Android app store | TechCrunch

Lookout Discovers North Korean APT37 Mobile Spyware | Threat Intel

DOGE axes CISA ‘red team’ staffers amid ongoing federal cuts | TechCrunch

Medusa Ransomware Activity Continues to Increase

GreyNoise Detects Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577)

Google paid $12 million in bug bounties last year to security researchers

Swiss critical sector faces new 24-hour cyberattack reporting rule

Undocumented "backdoor" found in Bluetooth chip used by a billion devices

DPRK IT Fraud Network Uses GitHub to Target Global Companies

North Korean Fake IT Workers Leverage GitHub to Build Personas

Data breach at Japanese telecom giant NTT hits 18,000 companies

Thousands of websites hit by four backdoors in 3rd party JavaScript attack

Silk Typhoon targeting IT supply chain

District of Columbia | Chinese Nationals with Ties to the PRC Government and “APT27” Charged in a Computer Hacking Campaign for Profit, Targeting Numerous U.S. Companies, Institutions, and Municipalities | United States Department of Justice

Blog: Zen and the Art of Microcode Hacking

Cisco warns of Webex for BroadWorks flaw exposing credentials

New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran

360XSS: Mass Website Exploitation via Virtual Tour Framework for SEO Poisoning

Zapier says someone broke into its code repositories and may have accessed customer data

Spyzie stalkerware is spying on thousands of Android and iPhone users

Cellebrite zero-day exploit used to target phone of Serbian student activist - Amnesty International Security Lab

Researchers uncover unknown Android flaws used to hack into a student's phone

Exclusive: Hegseth orders Cyber Command to stand down on Russia planning

Trump administration retreats in fight against Russian cyber threats

Cellebrite suspends Serbia as customer after claims police used firm's tech to plant spyware | TechCrunch

Confluence Exploit Leads to LockBit Ransomware

Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Lumma Stealer Chronicles: PDF-themed Campaign Using Compromised Educational Institutions' Infrastructure

Researchers accuse North Korea of $1.4 billion Bybit crypto heist

An Update on Fake Updates: Two New Actors, and New Mac Malware

Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vuln (Fixed) | Rapid7 Blog

Stalkerware apps Cocospy and Spyic are exposing phone data of millions of people | TechCrunch

WordPress ClickFix Malware Causes Google Warnings and Infected Computers

Beware: PayPal "New Address" feature abused to send phishing emails

Weathering the storm: In the midst of a Typhoon

German election targeted by Russian disinformation, security services warn | The Record from Recorded Future News

Black Basta is latest ransomware group to be hit by leak of chat logs

CISA and FBI: Ghost ransomware breached orgs in 70 countries

UK healthcare giant HCRG confirms hack after ransomware gang claims theft of sensitive data

OpenSSH bugs threaten enterprise security, uptime

Threat Spotlight: Inside the World's Fastest Rising Ransomware Operator — BlackLock

Ecuador's legislature says hackers attempted to access confidential information

Microsoft spots XCSSET macOS malware variant used for crypto theft

CVE-2022-31631: High-Risk PHP Vulnerability Demands Immediate Patch

Network Security Issues in RedNote

Investigating Anonymous VPS services used by Ransomware Gangs

Sweden’s PM on suspected cable sabotage: ‘We don’t believe random things suddenly happen quite often’

Storm-2372 conducts device code phishing campaign

PirateFi game on Steam caught installing password-stealing malware

Key figures behind Phobos and 8Base ransomware arrested in international cybercrime crackdown

Cyberattack disrupts Lee newspapers' operations across the US

An Italian journalist speaks about being targeted with Paragon spyware

CVE-2024-12356

Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News

Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication

Cybercrime: A Multifaceted National Security Threat

New Exploitation Surge: Attackers Target ThinkPHP and ownCloud Flaws at Scale | GreyNoise Blog

Sky ECC encrypted service distributors arrested in Spain, Netherlands

New UK sanctions target Russian cybercrime network

Four alleged hackers arrested in Phuket for hacking 17 Swiss firms

8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur

Go Module Mirror served backdoor to devs for 3+ years - Ars Technica

Spain arrests suspected hacker of US and Spanish military agencies

British engineering firm IMI discloses breach, shares no details

Ransomware payments dropped 35% in 2024

Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293)

CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks

U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report

BSI analysis shows: Nextcloud server stored passwords in plain text | heise online

Arma Reforger And DayZ DDOS Attack Continues, Devs "Making Progress"

Kimsuky hackers use new custom RDP Wrapper for remote access

Deloitte to provide Rhode Island $5M for ransomware recovery

Code injection attacks using publicly disclosed ASP.NET machine keys

Critical Cisco ISE bug can let attackers run commands as root

Spyware maker Paragon terminates contract with Italian government: media reports | TechCrunch

Law enforcement hammered cybercrime in 2024. Is it…

Unpacking the BADBOX Botnet with Censys

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers

Zyxel Telnet Vulnerabilities

SparkCat crypto stealer in Google Play and App Store

PoC Exploit Released for macOS Kernel Vulnerability CVE-2025-24118 (CVSS 9.8)

macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed

How Switzerland is caught up in Russia’s propaganda machine

Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek

Live Chat Blog #2: Cisco Webex Connect - Access to millions of chats histories

Exposed SMB: The Hidden Risk Behind ‘WantToCry’ Ransomware Attacks

Eradicating trivial vulnerabilities, at scale

DeepSeek’s Popular AI App Is Explicitly Sending US Data to China | WIRED

Tbilisi public transport hacked, playing pro-European messages

Tata Technologies says ransomware attack hit IT assets, investigation ongoing

X Phishing | Campaign Targeting High Profile Accounts Returns, Promoting Crypto Scams

Swiss tax authority forced to buy Bahamas domain name after URL typo

Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891)

Norway seizes ship suspected of sabotage, says crew are Russian nationals

10,000 WordPress Websites Found Delivering MacOS and Windows Malware

Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog

New TorNet backdoor seen in widespread campaign

Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor

Updated: Frederick Health takes systems offline due to ransomware attack

Unmasking FleshStealer: A New Infostealer Threat in 2025

OpenAI launches ChatGPT Gov for U.S. government agencies

Apple fixes this year’s first actively exploited zero-day bug

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware

UnitedHealth updates number of data breach victims to 190 million

Mysterious backdoor found on select Juniper routers

48,000+ internet-facing Fortinet firewalls still open to attack

The J-Magic Show: Magic Packets and Where to find them - Lumen Blog

HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code

2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise

How A Large-Scale Russian Botnet Operation Stays Under the Radar

fasthttp Used in New Bruteforce Campaign

Targeted supply chain attack against Chrome browser extensions

Government and university websites targeted in ScriptAPI[.]dev client-side attack - c/side

Hundreds of fake Reddit sites push Lumma Stealer malware

Google launches customizable Web Store for Enterprise extensions

Malware Redirects WordPress Traffic to Harmful Sites

Swiss cities targeted by Russian hackers during WEF

Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai | Qualys Security Blog

Record-breaking 5.6 Tbps DDoS attack and global DDoS trends for 2024 Q4

Malicious extensions circumvent Google’s remote code ban

Researchers Accessed Windows BitLocker Encrypted Files Disassembling the Laptop

IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024

Will the Real Volt Typhoon Please Stand Up?

Gootloader inside out

FBI Warns iPhone, Android, Windows Users—Do Not Install These Apps

RansomHub Affiliate leverages Python-based backdoor

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Banshee: The Stealer That "Stole Code" From MacOS XProtect

Bolstering the cybersecurity of the healthcare sector

Passkeys: they're not perfect but they're getting better

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344

sfewer-r7's assessment of CVE-2025-0282

Chinese hackers breached US government office that assesses foreign investments for national security risks

EU law enforcement training agency data breach: Data of 97,000 individuals compromised - Help Net Security

French submarine crew accidentally leak sensitive information through Strava app | Euronews

Ransomware roundup: 2024 end-of-year report - Comparitech

Gootloader inside out – Sophos News

Over 5,000 WordPress sites caught in WP3.XYZ malware attack

IntelBroker Unmasked: KELA’s In-Depth Analysis of a Cybercrime Leader

Luxembourg government websites knocked offline in latest cyberattack | Luxembourg Times

Ministers consider ban on all UK public bodies making ransomware payments | Cybercrime | The Guardian

Telefonica Breach Exposes Jira Tickets, Customer Data

Cracking the Code: How Banshee Stealer Targets macOS Users

Ransomware abuses Amazon AWS feature to encrypt S3 buckets

Microsoft: macOS bug lets hackers install malicious kernel drivers

UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks | TechCrunch

Scholastic Hack: Furry Finds 8 Million People Exposed

Industrial networking manufacturer Moxa reports 'critical' router bugs

Backdooring Your Backdoors - Another $20 Domain, More Governments

Inside FireScam : An Information Stealer with Spyware Capabilities

“Can you try a game I made?” Fake game sites lead to information stealers

Recruitment Phishing Scam Imitates Hiring Process

Telegram hands over data on thousands of users to US law enforcement

Microsoft moves to disrupt hacking-as-a-service scheme that’s bypassing AI safety measures

Green Bay Packers' online store hacked to steal credit cards

UN aviation agency ‘investigating’ security breach after hacker claims theft of personal data

Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)

FunkSec – Alleged Top Ransomware Group Powered by AI

SonicWall urges admins to patch exploitable SSLVPN bug immediately

Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit

Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data

Russian ISP confirms Ukrainian hackers "destroyed" its network

Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation

CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog

Researcher Turns Insecure License Plate Cameras Into Open Source Surveillance Tool

Thousands of credit cards stolen in Green Bay Packers store breach

Casio says hackers stole personal data of 8,500 people during October ransomware attack

Many-shot jailbreaking \ Anthropic

Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability

PowerSchool hack exposes student, teacher data from K-12 districts

Telegram Hands U.S. Authorities Data on Thousands of Users

Hackers reportedly compromise Argentina’s airport security payroll system | The Record from Recorded Future News

Chinese hackers also breached Charter and Windstream networks

Rhode Island warns of cybercriminals leaking stolen state files as Deloitte works to restore system

LDAPNightmare: SafeBreach Publishes First PoC Exploit (CVE-2024-49113)

What We Know About CVE-2024-49112 and CVE-2024-49113

US sanctions Chinese cyber firm linked to Flax Typhoon hacks | TechCrunch

White House: Salt Typhoon hacks possible because telecoms lacked basic security measures

NATO’s Emergency Plan for an Orbital Backup Internet

DoubleClickjacking: A New Era of UI Redressing

New details reveal how hackers hijacked 35 Google Chrome extensions

Finland identifies seven suspects among crew of alleged Russian 'spy' tanker

Palo Alto Firewalls Backdoored by Suspected Chinese Hackers

US Treasury says China accessed government documents in 'major' cyberattack

Thousands of widely-used public workspaces are leaking data

Massive VW Data Leak Exposed 800,000 EV Owners’ Movements, From Homes To Private Spaces | Carscoops

Clop ransomware is now extorting 66 Cleo data-theft victims

DDosia Project: How NoName057(16) is trying to improve the efficiency of DDoS attacks

Cyber firm's Chrome extension hijacked to steal user passwords

Checking It Twice: Profiling Benign Internet Scanners — 2024 Edition

LockBit Ransomware Group Plots Comeback With 4.0 Release

Apple sends spyware victims to this nonprofit security lab

European Space Agency's official store hacked to steal payment cards

Airline hit by a cyberattack, delaying flights during the year-end holiday season

Malware trends: eBPF exploitation, malware configurations stored in unexpected places, and increased use of custom post-exploitation tools

Botnets Continue to Target Aging D-Link Vulnerabilities

Russia's GRU possibly behind cyberattack on Ukraine's government, SBU says

Israel's Mossad spent years orchestrating Hezbollah pager plot

Astrill VPN and Remote Worker Fraud - Spur

Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing

Malicious ads push Lumma infostealer via fake CAPTCHA pages

Effective Phishing Campaign Targeting European Companies and Organizations

Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices

Medion hack? BlackBasta ransomware has allegedly copied 1.5 TB of data | heise online

China 'compromised' Canadian government networks and stole valuable info: spy agency | CBC News

Ascension: Health data of 5.6 million stolen in ransomware attack

NotLockBit: A Deep Dive Into the New Ransomware Threat | Qualys Security Blog

A new playground: Malicious campaigns proliferate from VSCode to npm

The Rise of Alliances: NoName057(16)'s Transformation in 2024

Google Calendar Notifications Bypassing Email Security Policies

Three Months After the Storm: Did Cybercriminals Move to Telegram Alternatives? • KELA Cyber Threat Intelligence

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces – Sophos News

Supply Chain Attack on Rspack npm Packages Injects Cryptojac...

DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7

China’s Propaganda Expansion: Inside the Rise of International Communication Centers (ICCs)

Weibo is losing influencers over legal display name rule - Rest of World

Commission opens formal proceedings against TikTok under DSA

The Wiretap: Kamala Harris’ Campaign Staff Suspected iPhones Had Been Hacked. Apple Declined To Give Them The Help They Wanted.

Stop Calling Online Scams ‘Pig Butchering,’ Interpol Warns

Meta fined $263M over 2018 security breach that affected ~3M EU Facebook users

State of SonicWall Exposure: Firmware Decryption Unlocks…

Serbian authorities using spyware to hack activists and journalists

CVE-2024-55956

Serbian police used Cellebrite to unlock, then plant spyware, on a journalist's phone | TechCrunch

300,000+ Prometheus Servers and Exporters Exposed to DoS Attacks

PROXY.AM Powered by Socks5Systemz Botnet

Getting a taste of your own medicine: Threat actor MUT-1244 targets offensive actors, leaking hundreds of thousands of credentials | Datadog Security Labs

Oasis Security Research Team Discovers Microsoft Azure MFA Bypass

NodeLoader Used to Deliver Malware

Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials

NATO to launch new cyber center by 2028: Official

'Operation Digital Eye' Attack Targets European IT Orgs

Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection - Flatt Security Research

Fraudulent shopping sites tied to cybercrime marketplace taken offline

BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA

What a new threat report says about Mac malware in 2024

Moonlock's 2024 macOS threat report

Zero-Day: How Attackers Use Corrupted Files to Bypass Detection

Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

Log In POLITICO Pro Home Latest news Romanian elections War in Ukraine French political crisis Newsletters Podcasts Poll of Polls Policy news Events News Politics Hungarian CIA reportedly spied on EU officials

Tuta has suffered multiple DDoS attacks in one week – but it claims privacy has not been compromised

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows

Ransomware hackers target NHS hospitals with new cyberattacks

8 US telcos compromised, FBI advises Americans to use encrypted communications - Help Net Security

2023 Anna Jaques Hospital data breach impacted +310K people

zizmor would have caught the Ultralytics workflow vulnerability

Ultralytics AI model hijacked to infect thousands with cryptominer

Protecting Undersea Internet Cables: A Tech Challenge

Veeam warns of critical RCE bug in Service Provider Console

Cisco warns of continued exploitation of 10-year-old ASA bug

FBI, CISA urge Americans to use secure messaging apps in wake of massive cyberattack

Cloudflare’s developer domains increasingly abused by threat actors

Black Basta ransomware gang hit BT Group

Where There’s Smoke, There’s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day

At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says | The Record from Recorded Future News

Lateral Movement on macOS: Unique and Popular Techniques and In-the-Wild Examples

Malicious Ads in Search Results Are Driving New Generations of Scams | WIRED

iVerify Mobile Threat Investigation Uncovers New Pegasus Samples

Police seize Matrix encrypted chat service after spying on criminals

CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster - Rhino Security Labs

Windows Server 2012 Mark of the Web Vulnerability (0day) - and Free Micropatches for it

Poland arrests former spy chief in Pegasus spyware probe

Energy industry contractor says ransomware attack has limited access to IT systems | The Record from Recorded Future News

AWS launches an incident response service to combat cybersecurity threats | TechCrunch

Data broker exposes 600,000 sensitive files including background checks

UN, international orgs create advisory body for submarine cables after incidents | The Record from Recorded Future News

Gaming Engines: An Undetected Playground for Malware Loaders

Starbucks, grocery stores impacted by Blue Yonder ransomware attack - Help Net Security

RobotDropper Automates the Delivery of Multiple Infostealers

PHP Reinfector and Backdoor Malware Target WordPress Sites

Python Crypto Library Updated to Steal Private Keys

11 arrested in Europol shutdown of illegal IPTV streaming networks

UK hospital network postpones procedures after cyberattack

Bootkitty: Analyzing the first UEFI bootkit for Linux

Zello asks users to reset passwords after security incident

Here’s how simple it is for script kiddies to stand up DDoS services

Matrix Unleashes A New Widespread DDoS Campaign

Raspberry Robin Analysis

Yakuza Victim Data Leaked in Japanese Agency Attack

Microsoft Power Pages: Data Exposure Reviewed

CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks

7-Zip flaw enables code smuggling with manipulated archives

China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike

Apple fixes two zero-days used in attacks on Intel-based Macs

Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart | Qualys Security Blog

Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON | Microsoft Security Blog

Seeing Through a GLASSBRIDGE: Understanding the Digital Marketing Ecosystem Spreading Pro-PRC Influence Operations

Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack | WIRED

FortiClient VPN Logging Blind Spot Revealed

Threat Actors Hijack Misconfigured Servers for Live Sports Streaming

Exploit attempts for unpatched Citrix vulnerability

FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications

Abnormal Security

Microsoft 365 Admin portal abused to send sextortion emails

Extracting Plaintext Credentials from Palo Alto Global Protect

Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474

T-Mobile finally managed to thwart a data breach before it occured

Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany | WIRED

Leaked Documents Show What Phones Secretive Tech ‘Graykey’ Can Unlock

German Stats Body Says Suffered Possible Data Breach | Barron's

Snowflake hackers identified and charged with stealing 50 billion AT&T records | TechCrunch

T-Mobile confirms it was hacked in recent wave of telecom breaches

My Habit Was Collecting

The State of Cloud Ransomware in 2024

CVE-2024-47575

Okta security bug affects those with really long usernames

China's Volt Typhoon breached Singtel, reports say

Visionaries Have Democratised Remote Network Access - Citrix Virtual Apps and Desktops (CVE Unknown)

Threat Hunting Case Study: Uncovering Turla | Intel 471

CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits

Uncovering Apple Vulnerabilities: The diskarbitrationd and storagekitd Audit Story Part 1

How Italy became an unexpected spyware hub

VEEAM exploit seen used again with a new ransomware: “Frag

D-Link won’t fix critical flaw affecting 60,000 older NAS devices

Meet Interlock — The new ransomware targeting FreeBSD servers

DocuSign's Envelopes API abused to send realistic fake invoices

Threat Campaign Spreads Winos4.0 Through Game Application

North Korean hackers employ new tactics to compromise crypto-related businesses - Help Net Security

Nokia says hackers leaked third-party app source code

New Campaign Uses Remcos RAT to Exploit Victims

BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence

Gootloader’s Pivot from SEO Poisoning: PDF Converters Become the New Infection Vector

Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign

Cyberattack disables tracking systems and panic alarms on British prison vans

Interpol operation nets 41 arrests, takedown of 22,000 malicious IPs

EDR Bypass Testing Reveals Extortion Actor's Toolkit

ClickFix tactic: Revenge of detection

Cisco notifies ‘limited set’ of customers after hacker accessed non-public files

Schneider Electric confirms dev platform breach after hacker steals data

CRON#TRAP: Emulated Linux Environments as the Latest Tactic in Malware Staging - Securonix

The story behind HISAA

SmokeBuster Tool

Massive hack-for-hire scandal rocks Italian political elites

Cyber attack on pharmaceutical distributor AEP

DDoS site Dstat.cc seized and two suspects arrested in Germany

Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack

Botnet 7777: Are You Betting on a Compromised Router?

A glimpse into the Quad7 operators' next moves and associated botnets

Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats

Every Doggo Has Its Day: Unleashing the Xiū Gǒu Phishing Kit

Update your iPhone, Mac, Watch: Apple issues patches for several vulnerabilities | Malwarebytes

Amazon identified internet domains abused by APT29

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

ClickFix tactic: The Phantom Meet

Attacker Abuses Victim Resources to Reap Rewards from Titan Network

Elon Musk-Funded PAC Supercharges ‘Progress 2028’ Democrat Impersonation Ad Campaign

ReliaQuest Uncovers New Black Basta Social Engineering Technique - ReliaQuest

US names and charges Maxim Rudometov with developing the Redline infostealer

LightSpy: Implant for iOS

31 new ransomware groups were discovered in 2024

Update on Windows Downdate

Hacker Returns $19.3 Million to Drained US Government Crypto Wallet

Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials - SANS Internet Storm Center

Cisco fixes bug under exploit in brute-force attacks

Researchers say AI transcription tool used in hospitals invents things no one ever said | AP News

POLITICO Europe

Fog ransomware targets SonicWall VPNs to breach corporate networks

How Israel’s bulky pager fooled Hezbollah

Akira ransomware continues to evolve

Fake IT Workers: How HYPR Stopped a Fraudulent Hire

Embargo ransomware: Rock’n’Rust

Triad Nexus: Silent Push exposes FUNNULL CDN hosting DGA domains for suspect Chinese gambling sites, investment scams, a retail phishing campaign, and a polyfill.io supply chain attack impacting 110,000+ sites

Apple Shares Private Cloud Compute Virtual Research Environment, Provides Bounties for Vulnerabilities - MacRumors

Encrypted Chat App ‘Session’ Leaves Australia After Visit From Police

macOS NotLockBit | Evolving Ransomware Samples Suggest a Threat Actor Sharpening Its Tools

Fortinet FortiManager CVE-2024-47575 Exploited in Zero-Day Attacks

Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks

ShadyShader: Crashing Apple Devices with a Single Click

Rogue RDP – Revisiting Initial Access Methods

How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends

ESET themed wiper Targets Israel

Decrypted: Mallox ransomware

Researchers link Polyfill supply chain attack to huge network of copycat gambling sites

Fortinet releases patches for undisclosed critical FortiManager vulnerability - Help Net Security

Hackers exploit Roundcube webmail flaw to steal email, credentials

Invisible text that AI chatbots understand and humans can’t? Yep, it’s a thing. - Ars Technica

Lynx Ransomware: A Rebranding of INC Ransomware

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA

FASTCash for Linux

Spate of ransomware attacks on German-speaking schools hits another in Switzerland

The War on Passwords Is One Step Closer to Being Over

THREAT ANALYSIS: Beast Ransomware

Tricks and Treats: GHOSTPULSE’s new pixel-level deception

Internet Archive breached again through stolen access tokens

HijackLoader evolution: abusing genuine signing certificates

Amazon helps the US Department of Justice thwart international cybercriminal group Anonymous Sudan

Swiss identified in Austrian bomb threat investigation

USDoD hacker behind National Public Data breach arrested in Brazil

Fake recruiter coding tests target devs with malicious Python packages

Jetpack fixes critical information disclosure flaw existing since 2016

British intelligence services to protect all UK schools from ransomware attacks

Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024

Neo-Nazis head to encrypted SimpleX Chat app, bail on Telegram

CTV industry’s unprecedented “surveillance”

Ukrainian pleads guilty to operating Raccoon Stealer malware

Dutch police arrest admin of 'Bohemia/Cannabia' dark web market

MoneyGram says hackers stole customers' personal information and transaction data | TechCrunch

1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

Telekopye transitions to targeting tourists via hotel booking scam

Pokemon developer Game Freak hit with hack, internal info leaking

UK Ambulance Services targeted by Kremlin-protected Russian hackers

Hackers Advertise Stolen Verizon Push-to-Talk ‘Call Logs’

A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines | WIRED

Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server

Hacked Robot Vacuums Across the U.S. Started Yelling Slurs

U.S., Microsoft seize over 100 websites allegedly used by Russian spies

Internet Archive hacked, data breach impacts 31 million users

File hosting services misused for identity phishing

AI girlfriend site breached, user fantasies stolen

Hackers targeted Android users by exploiting zero-day bug in Qualcomm chips

From Perfctl to InfoStealer

Zero Day Initiative — The October 2024 Security Update Review

Ivanti warns of three more CSA zero-days exploited in attacks

Ukraine Claims Cyberattack Blocked Russian State TV Online on Putin’s Birthday

The 30-year-old internet backdoor law that came back to bite

Mamba 2FA: A new contender in the AiTM phishing ecosystem - Sekoia.io Blog

New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities

perfctl: A Stealthy Malware Targeting Millions of Linux Servers

Arrests in international operation targeting cybercriminals in West Africa

DOJ, Microsoft seize more than 100 domains used by the FSB

Further Evil Corp cyber criminals exposed, one unmasked as LockBit affiliate - National Crime Agency

How the FBI and Mandiant caught a 'serial hacker' who tried to fake his own death

Apple fixes password-blurting VoiceOver bug

Cyble Honeypot Sensors Detect WordPress Plugin Attack, New Banking Trojan

Rackspace systems hit by zero-day exploit of third-party app • The Register

Patch for Critical CUPS vulnerability: Don't Panic - SANS Internet Storm Center

Dutch Police: ‘State actor’ likely behind recent data breach

A Measure of Motive: How Attackers Weaponize Digital Analytics Tools | Google Cloud Blog

Over 300,000! GorillaBot: The New King of DDoS Attacks

US senator targeted by deepfake caller posing as Ukrainian diplomat | US politics | The Guardian

Multiple Vulnerabilities Discovered in PHP, Prompting Urgent Security Updates

Event Log Talks a Lot: Identifying Human-operated Ransomware through Windows Event Logs - JPCERT/CC Eyes

Agence France-Presse says cyberattack targeted IT systems

Crucial Texas hospital system turning ambulances away after ransomware attack

LockBit power cut: four new arrests and financial sanctions against affiliates | Europol

Critical flaw in NVIDIA Container Toolkit allows full host takeover

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

CVE-2024-8353 (CVSS 10): Critical GiveWP Flaw, 100k WordPress Sites at Risk

Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware

Banks: Zurich asset manager hit by massive hacker attack

Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments | Wiz Blog

Hacker behind Snowflake customer data breaches remains active

Hacking Kia: Remotely Controlling Cars With Just a License Plate

Meta fined $102 million for storing passwords in plain text

10 security bugs put fuel storage tanks at risk of attacks

NIST proposes barring some of the most nonsensical password rules

China-linked APT group Salt Typhoon compromised some US ISPs

Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam

Rhadamanthys Stealer v0.7.0: A Rising Threat in the Cybercrime Ecosystem

Hacker plants false memories in ChatGPT to steal user data in perpetuity

Dozens of Fortune 100 companies have unwittingly hired North Korean IT workers, according to report

Behind the CAPTCHA: A Clever Gateway of Malware

Critical Ivanti vTM auth bypass bug now exploited in attacks

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware

US intelligence agencies confirm Russia is pushing fake videos of Kamala Harris

Staying a Step Ahead: Mitigating the DPRK IT Worker Threat

Telegram Changes Policy, Says It Will Provide User Data to Authorities

Rental Car Vendor's Security Flaw Exposed Damage Claims Reports

China urges netizens to be vigilant against Taiwanese cyberattacks

Microsoft ends development of Windows Server Update Services (WSUS)

Insecure software makers are the real cyber villains – CISA

Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol

GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10

Enterprise ServiceNow Knowledge Bases at Risk

Thousands of orgs at risk of ServiceNow KB data leaks

New Criminal Complaint Over Pegasus Spyware Hacking of journalists and activists in the UK

Is Tor still safe to use?

New macOS malware HZ RAT lets attackers control Macs remotely

Clever 'GitHub Scanner' campaign abusing repos to push malware

WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution

Australian police infiltrate encrypted messaging app Ghost and arrest dozens

Europol takes down "Ghost" encrypted messaging platform used for crime

Police Hack Into ‘Ghost’, An Encrypted Platform for Criminals

Mastercard invests in continued defense of global digital economy with acquisition of Recorded Future

Port of Seattle refuses to pay Rhysida ransom, warns of data leak

How Lazarus Group laundered $200M from 25+ crypto hacks to fiat …

Qilin ransomware attack on Synnovis impacted over 900K patients

Microsoft working on OS update to prevent another IT outage

Hadooken Malware Targets Weblogic Applications

Apple is well on its way to making iPhones theft-proof

SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager

Multiple attacks forces CISA to order agencies to upgrade or remove end-of-life Ivanti appliance

German radio station forced to broadcast 'emergency tape' following cyberattack

23andMe Agrees To $30 Million Settlement For Last Year's Data Breach

Scammers advertise fake AppleCare+ service via GitHub repos

UK arrests teen linked to Transport for London cyber attack

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media

Chinese APT Abuses VSCode to Target Government in Asia

In Wake of Durov Arrest, Some Cybercriminals Ditch Telegram

RansomHub claims Kawasaki cyberattack, threatens to leak stolen data

Data centres as vital as NHS and power grid, government says

CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability – Horizon3.ai

TfL confirms 5,000 customers' bank data exposed

Hold – Verify – Execute: Rise of Malicious POCs Targeting Security Researchers

Fortinet suffers third-party data breach affecting Asia-Pacific customers - Cyber Daily

Europe’s privacy watchdog probes Google over data used for AI training

Telegram: 'The dark web in your pocket'

We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI

A glimpse into the Quad7 operators' next moves and associated botnets

Tracking Ransomware - August 2024 - CYFIRMA

Arctic Wolf Observes Akira Ransomware Campaign Targeting SonicWall SSLVPN Accounts

Critical SonicWall SSLVPN bug exploited in ransomware attacks

Veeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711)

Sextortion scams now use your "cheating" spouse’s name as a lure

New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition

Progress LoadMaster vulnerable to 10/10 severity RCE flaw

Free Russia Foundation to investigate data breach after internal documents published online — Novaya Gazeta Europe

Swiss found to be gullible regarding fake news

Predator Spyware Infrastructure Resurfaces Post-Sanctions – What You Need to Know

D-Link says it is not fixing four RCE flaws in DIR-846W routers

U.S. charges five Russian military members for destructive cyber ops, hack-and-leak campaigns | CyberScoop

Fake OnlyFans Checker Tool Infects Hackers with Lummac Stealer Malware

Obfuscated PowerShell leads to Lumma C2 Stealer

Online AI Mental Health and Addiction Treatment Provider Exposed Patient Data

U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown

Lowe's employees phished via Google ads | Malwarebytes

Unpacking the unpleasant FIN7 gift: PackXOR

Veeam warns of critical RCE flaw in Backup & Replication software

Researchers Unpacked AvNeutralizer EDR Killer Used By FIN7 Group

Critical Account Takeover in LiteSpeed Cache Plugin

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

Cisco warns of backdoor admin account in Smart Licensing Utility

Police Ombudsman sorry for ‘distressing’ data leak as investigation is launched

Making progress on routing security: the new White House roadmap

RPKI ROV Deployment Reaches Major Milestone

Dutch regulator slaps Clearview AI with $33 million fine, threatens executive liability - The Verge

Transport for London faces 'ongoing cyber security incident'

Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail

North Korean threat actor Citrine Sleet exploiting Chromium zero-day

Admins of MFA bypass service plead guilty to fraud

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort”

Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant

Fake Google Authenticator Website Installs Malware

Cicada 3301 - Ransomware-as-a-Service - Technical Analysis

Docker-OSX image used for security research hit by Apple DMCA takedown

Germany's Sovereign Tech Fund Puts Over $750K Into FreeBSD Infrastructure Projects

Fake Palo Alto GlobalProtect used as lure to backdoor enterprises

Dutch cabinet bans phones in meetings over espionage fears

Scam Sites at Scale: LLMs Fueling a GenAI Criminal Revolution

State-backed attackers and commercial surveillance vendors repeatedly use the same exploits

HZ Rat backdoor for macOS harvests data from WeChat and DingTalk

Telegram CEO’s brother also wanted by French authorities

Unprecedented 3.15 Billion Packet Rate DDoS Attack Mitigated by Global Secure Layer

Threat Actors Retaliate After Durov’s Arrest

Paris court explains why it's arrested Telegram founder, Pavel Durov

Malicious Plugin

WordPress Websites Used to Distribute ClearFake Trojan Malware

Is Telegram really an encrypted messaging app? – A Few Thoughts on Cryptographic Engineering

Telegram says CEO has ‘nothing to hide’ after being arrested in France

The gift that keeps on giving: A new opportunistic Log4j campaign

BlackSuit Ransomware

OpenSSH Backdoors

Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules

Xeon Sender | SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

TodoSwift Disguises Malware Download Behind Bitcoin PDF

Cthulhu Stealer malware aimed to take macOS user data

From the Depths: Analyzing the Cthulhu Stealer Malware for macOS

FIN7: The Truth Doesn't Need to be so STARK

Qilin ransomware caught stealing credentials stored in Google Chrome

NGate Android malware relays NFC traffic to steal cash

No one’s ready for this

Windows 0-day was exploited by North Korea to install advanced rootkit

Litespeed Cache bug exposes millions of WordPress sites to takeover attacks

Iran Reportedly Grapples With Major Cyberattack on Banking Systems

Widespread Cloud Exposure: Extortion Campaign Used Exposed AWS ENV Files To Target 110,000 Domains

Chipmaker Microchip reveals cyber attack

MITRE Marks Major Milestone, Minting 400 CNAs as NVD Backlog Grows - Socket

The Abuse of ITarian RMM by Dolphin Loader

Toyota confirms breach after stolen data leaks on hacking forum

Routers from China-based TP-Link a national security threat, US lawmakers claim

How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

Windows driver zero-day exploited by Lazarus hackers to install rootkit

stardom dreams, stalking devices and the secret conglomerate selling both

Beyond the wail: deconstructing the BANSHEE infostealer

DDoS attack volume rises, peak power reaches 1.7 Tbps

Geopolitical Tensions Drive Explosion in DDoS Attacks

SolarWinds fixes critical RCE bug affecting all Web Help Desk versions

Zabbix Server Vulnerability Lets Attacker Execute Arbitrary Code

Ransomware attackers introduce new EDR killer to their arsenal

Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments

Doppelgänger operation rushes to secure itself amid ongoing detections, German agency says

White House working on cyber insurance policy proposal for ‘catastrophic’ incidents

Gafgyt Malware Variant Exploits GPU Power and Cloud Native Environments

The Hidden Treasures of Crash Reports

Troy Hunt: Inside the "3 Billion People" National Public Data Breach

Want to Win a Bike Race? Hack Your Rival’s Wireless Shifters | WIRED

Inside the FBI's Dashboard for Wiretapping the World

Extension Trojan Malware Campaign

Russia-linked phishing campaigns ensnare civil society and NGOs

Critical SAP flaw allows remote attackers to bypass authentication

CVE-2024-39825 and CVE-2024-39818: High-Risk Zoom Flaws Require Urgent Updates

CVE-2024-23897 Enabled Ransomware Attack on Indian Banks

Exploitable PoC Released for CVE-2024-38077: 0-Click RCE Threatens All Windows Servers

Suspected head of prolific cybercrime groups arrested and extradited - National Crime Agency

Compromising Microsoft's AI Healthcare Chatbot Service

Don’t get Mad, get wise

Exploiting pfsense Remote Code Execution – CVE-2022-31814

NIST's Post-Quantum Cryptography Standards Are Here - IEEE Spectrum

60 Hurts per Second – How We Got Access to Enough Solar Power to Run the United States

Technical Exploits of HID's iClass SE Discovered, To Be Revealed at DEF CON 32

Feds seize Radar/Dispossessor ransomware gang servers in US and Europe

CrowdStrike Exec Shows Up to Accept 'Most Epic Fail' Award in Person

Ongoing Social Engineering Campaign Refreshes Payloads

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog

Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms

A Dive into Earth Baku’s Latest Campaign

Hackers leak 2.7 billion data records with Social Security numbers

Iran Targeting 2024 US Election

Threat Actors’ Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts

How a cybersecurity researcher befriended, then doxed, the leader of LockBit

AMD won't patch all chips affected by severe data theft vulnerability — Ryzen 3000, 2000, and 1000 will not get patched for 'Sinkclose' | Tom's Hardware

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections

From Limited file read to full access on Jenkins (CVE-2024-23897)

How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID Keycards

ICANN approves use of .internal domain for your network

Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn | U.S. Department of the Treasury

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive

Open letter to UK online service providers

INTERPOL recovers over $40 million stolen in a BEC attack

Major Payment Disruption: Ransomware Strikes Indian Banking Infrastructure

Critical Vulnerability in Apache OFBiz Requires Immediate Patching - Infosecurity Magazine

CrowdStrike says it isn't to blame for Delta's flight cancellations after July outage

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Threat Actors Capitalize On ServiceNow Vulnerability

Ransomware gang targets IT workers with new SharpRhino malware

Google fixes Android kernel zero-day exploited in targeted attacks

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

Surge in Magniber ransomware attacks impact home users worldwide

Russia-linked operations target Paris 2024 Olympics

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware

Quartet of Trouble: XWorm, AsyncRAT, VenomRAT, and…

Black Basta ransomware switches to more evasive custom malware

UNC4393 Goes Gently into the SILENTNIGHT

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova

How the theft of 40M UK voter register records was entirely preventable

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

Mozilla follows Google in distrusting Entrust’s TLS certs • The Register

Turkey blocks access to Instagram – POLITICO

Who are the two major hackers Russia just received in a prisoner swap?

Swiss stock exchange halts trading due to technolgy issues

'Error' in Microsoft's DDoS defenses amplified Azure outage

IBM: Cost of a breach reaches nearly $5 million, with healthcare being hit the hardest

Cyberattack hits blood-donation nonprofit OneBlood

Microsoft says massive Azure outage was caused by DDoS attack

Google ads push fake Google Authenticator site installing malware

New Mandrake Android spyware version discovered on Google Play | Securelist

French fiber optic cables hit by ‘major sabotage’ in second Olympics attack

Hackers Exploited a PC Driving Sim to Pull Off Massive Disney Data Breach

Ferrari exec foils deepfake plot by asking a question only the CEO could answer

Websites are Blocking the Wrong AI Scrapers (Because AI Companies Keep Making New Ones)

CrowdStrike's Impact on Aviation

Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption | Microsoft Security Blog

TikTok Has a Nazi Problem

LummaC2 Malware Abusing the Game Platform 'Steam' - ASEC BLOG

Meta nukes massive Instagram sextortion network of 63,000 accounts

SwRI evaluates cybersecurity risks associated with EV fast-charging equipment | Southwest Research Institute

Mid-year Doppelgänger information operations in Europe and the US

Malicious Python Package Targets macOS Developers

SeleniumGreed Cryptomining Campaign Exploiting Grid Services | Wiz Blog

Windows Security best practices for integrating and managing security tools

BreachForums v1 hacking forum data leak exposes members’ info

NCA infiltrates world's most prolific DDoS-for-hire service - National Crime Agency

NVD Analysis Report

Microsoft calls for Windows changes and resilience after CrowdStrike outage

BIND updates fix high-severity DoS bugs in the DNS software suite

PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem

Secure Boot is completely broken on 200+ models from 5 big device makers | Ars Technica

Six-day, 14.7 Million RPS Web DDoS Attack Campaign Attributed to SN_BLACKMETA

Stargazers Ghost Network

DDoS Attacks in Spain

Israel Maneuvered to Prevent Disclosure of State Secrets amid WhatsApp vs NSO Lawsuit - Forbidden Stories

Switzerland now requires all government software to be open source

Data breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malware

TuDoor

Intelligence Brief: Impact of FrostyGoop Modbus Malware on Connected OT Systems

Lviv neighbourhood left without heating, hot water by hacker attack

Ransomware ecosystem fragmenting under law enforcement pressure and distrust

CrowdStrike blames a test software bug for Windows wipeout

Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer

Exploiting CVE-2024-21412: A Stealer Campaign Unleashed

Solving the 7777 Botnet enigma: A cybersecurity quest

Telegram zero-day allowed sending malicious Android APKs as videos

Spanish police arrest three suspects linked to pro-Moscow NoName057(16) hackers

NCA infiltrates DDoS-for-hire site as suspected controller arrested in Northern Ireland

Arctic Wolf Labs has observed Fog ransomware being deployed against US organizations in the education and recreation sectors.

New Play Ransomware Linux Variant Targets ESXi Shows Ties With Prolific Puma | Trend Micro (US)

dirDevil: Hiding Code and Content Within Folder…

Spanish Police Arrests NoName Hackers

Technical Details: Falcon Update for Windows Hosts

Trump shooter used Android phone from Samsung; cracked by Cellebrite in 40 minutes - 9to5Mac

Our Statement on Today's Outage

Teenage suspect in MGM Resorts hack arrested in Britain

Leaked Docs Show What Phones Cellebrite Can (and Can’t) Unlock

Special Report: Massive Global IT Outages Triggered by Faulty CrowdStrike Update

APT41 Has Arisen From the DUST

Banks, airlines, brokerage houses report widespread outages across the globe

New hacker group uses open-source tools to spy on entities in Asia-Pacific region

Critical Cisco bug lets hackers add root users on SEG devices

Trello Data Breach: Hacker Dumps Personal Info of Millions of Users

INTERPOL operation strikes major blow against West African financial crime

NullBulge | Threat Actor Masquerades as Hacktivist Group Rebelling Against AI

Fake AWS Packages Ship Command and Control Malware In JPEG Files

FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks

MediSecure reveals about 12.9 million Australians had personal data stolen by hackers in April | Australia news | The Guardian

Germany to ban Chinese companies' components from core parts of its 5G networks | AP News

Iraq-based cybercriminals deploy malicious Python packages to steal data

ClickFix Deception: A Social Engineering Tactic to Deploy Malware

FBI Gains Access to Suspected Trump Shooter’s Password Locked Phone

Uncoordinated Vulnerability Disclosure: The Continuing Issues with CVD

Kaspersky Lab Closing U.S. Division; Laying Off Workers

Critical Exim bug bypasses security filters on 1.5 million mail servers

Doppelganger operation

Kematian-Stealer : A Deep Dive into a New Information Stealer

Persistent npm Campaign Shipping Trojanized jQuery

Distribution of AsyncRAT Disguised as Ebook

Apple warns iPhone users in 98 countries of spyware attacks

CloudSorcerer APT uses cloud services and GitHub as C2 | Securelist

Behind the Attack: Live Chat Phishing

How do cryptocurrency drainer phishing scams work?

Resurrecting Internet Explorer: Threat Actors Using Zero-day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112)

Chinese APT40 hackers hijack SOHO routers to launch attacks

New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere

CVE-2024-38021: Moniker RCE Vulnerability Uncovered in Microsoft Outlook

New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk

US Disrupts Russian Bots Spreading Propaganda on Twitter

Decrypted: DoNex Ransomware and its Predecessors

South African pathology labs down after ransomware attack

New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data

Russia forces Apple to remove VPN apps from the App Store

Supply Chain Compromise Leads to Trojanized Installers | Rapid7 Blog

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

Formula 1 governing body discloses data breach after email hacks

How scam networks use fake celebrity ads to lure online investors

The Rise of Packet Rate Attacks: When Core Routers Turn Evil

RoguePuppet – A Critical Puppet Forge Supply Chain Vulnerability

Europol coordinates global action against criminal abuse of Cobalt Strike

blog.ethereum.org mailing list incident

Sonar

OpenAI’s ChatGPT Mac app was storing conversations in plain text

Twilio says hackers identified cell phone numbers of two-factor app Authy users

Europol coordinates global action against criminal abuse of Cobalt Strike | Europol

CVE-2024-29510 - Exploiting Ghostscript using format strings

3 million iOS and macOS apps were exposed to potent supply-chain attacks

Figma Disables AI App Design Tool After It Copied Apple’s Weather App

Poland to probe Russia-linked cyberattack on state news agency

Cisco NX-OS Command Injection Vulnerability CVE-2024-20399: Insights and Defense Strategies

Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications

TeamViewer: Hackers copied employee directory data and encrypted passwords

Analysis of the Phishing Campaign: Behind the Incident

Startups scramble to assess fallout from Evolve Bank data breach

Cisco warns of NX-OS zero-day exploited to deploy custom malware

Polyfill, Cloudflare trade barbs after reports of supply chain attack threatening 100k websites

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

Meet Brain Cipher — The new ransomware behind Indonesia's data center attack

New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities

New Medusa malware variants target Android users in seven countries

Polyfill claims it has been 'defamed', returns after domain shut down

ID Verification Service for TikTok, Uber, X Exposed Driver Licenses

LockBit lied: Stolen data is from a bank, not US Federal Reserve

Hubspot says it's investigating customer account hacks | TechCrunch

Critical GitLab bug lets attackers run pipelines as any user

South Korean telecom company attacks torrent users with malware — over 600,000 customers report missing files, strange folders, and disabled PCs

Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application

From Dormant to Dangerous: P2Pinfect Evolves to Deploy New Ransomware and Cryptominer

New P2Pinfect version delivers miners and ransomware on Redis servers

Progress Software elevates severity of new MOVEit bug to ‘critical’ as exploit attempts jump

Auth. Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer (CVE-2024-5806)

US accuses Russian of helping Kremlin hack Ukraine’s state computer systems

Chinese Cyberspies Employ Ransomware in Attacks for Diversion

ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware

UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware

The inside view of spyware’s 'dirty interference,' from two recent Pegasus victims

CDK Begins Restoring Systems Amid Ransomware Payment Reports

Neiman Marcus says 64,000 affected by breach of Snowflake customer account

South Africa’s national health lab hit with ransomware attack amid mpox outbreak

GrimResource - Microsoft Management Console for initial access and evasion

Stop Using cdn.polyfill.io Now

Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1)

CISA confirms hackers may have accessed data from chemical facilities during January incident

New attack uses MSC files and Windows XSS flaw to breach networks

Probllama: Ollama Remote Code Execution Vulnerability (CVE-2024-37032)

Malvertising Campaign Leads to Execution of Oyster Backdoor

RansomHub Draws in Affiliates with Multi-OS Capability and High Commission Rates

XZ backdoor behavior inside OpenSSH

More than 12,000 Santander employees in US affected by Snowflake breach

Timeline and Details of the Change Healthcare Breach

Facebook PrestaShop module exploited to steal credit cards

Rafel RAT, Android Malware from Espionage to Ransomware Operations

Mailcow Mail Server Flaws Expose Servers to Remote Code Execution

UK government weighs action against Russian hackers over NHS records theft

Threat Actor Claims AMD and Apple Breaches

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models

Russian spies' hacking campaign is 'endangering' French diplomatic interests

US bans sale of Kaspersky software citing security risk from Russia

Zero-Click Critical Microsoft Outlook Vulnerability. What You Need to Know.

All households in Scottish region to get alert about hackers publishing stolen medical data

UNC3944 Targets SaaS Applications

Security bug allows anyone to spoof Microsoft employee emails

Suspected 'Scattered Spider' hacker, 22, reportedly arrested in Spain

New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake

Microsoft Refused to Fix Flaw Years Before SolarWinds Hack

New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Black Basta ransomware gang linked to Windows zero-day attacks

The mystery of an alleged data broker’s data breach

New York Times warns freelancers of GitHub repo data breach

Former head of NSA joins OpenAI board

Microsoft fixes hack-me-via-Wi-Fi Windows security hole • The Register

Breaking: Meta halts AI rollout in Europe after ‘request’ from Irish data protection authorities

Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda | Europol

Here’s what to know about Adobe’s Terms of Use updates

Ukrainian cyber specialists attack Russian airports, several flights delayed - source

Evolution of KILLNET from Hacktivism to Private Hackers Company and the Role of Sub-groups

Multiple flaws in Fortinet FortiOS fixed

Hacker Accesses Internal ‘Tile’ Tool That Provides Location Data to Cops

You’ve Got Mail: Critical Microsoft Outlook Vulnerability Executes as Email is Opened

CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability – Horizon3.ai

IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment – The DFIR Report

The New York Times source code leaked by a 4chan user

CVE-2024-4577 RCE in PHP CGI: Everything you need to know | Wiz Blog

Bypassing Veeam Authentication CVE-2024-29849

Switzerland notes increase in cyberattacks ahead of Ukraine peace summit

UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion

Urgent call for O-type blood donations following London hospitals ransomware attack

Mandiant says hackers stole a 'significant volume of data' from Snowflake customers

Apple’s AI promise: “Your data is never stored or made accessible to Apple”

La SSR sur ses gardes face à l'éventualité de cyberattaques pendant le sommet du Bürgenstock

Malicious VSCode extensions with millions of installs discovered

Russia-linked 'Lumma' crypto stealer now targets Python devs

Menace Unleashed: Excel File Deploys Cobalt Strike at Ukraine | Fortinet Blog

Microsoft hit with EU privacy complaints over schools' use of 365 Education suite

Major London hospitals disrupted by Synnovis ransomware attack

Keeping GenAI technologies secure is a shared responsibility

Howling at the Inbox: Sticky Werewolf's Latest Malicious Aviation Attacks

Revealed: Russian legal foundation linked to Kremlin activities in Europe | Russia | The Guardian

The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever

Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability

No Way, PHP Strikes Again! (CVE-2024-4577)

Operation Crimson Palace: A Technical Deep Dive – Sophos News

Europe's cybersecurity chief says disruptive attacks have doubled in 2024, sees Russia behind many

Vulnerability in Cisco Webex cloud service exposed government authorities, companies

Cyberattack on telecom giant Frontier claimed by RansomHub

Ransomware attack hits major London hospitals

Analysts join the call for Microsoft to recall Recall

Un prestataire externe de la Ville d'Yverdon-les-Bains victime d'une cyberattaque

PikaBot: a Guide to its Deep Secrets and Operations - Sekoia.io Blog

TikTok fails 'disinformation test' before EU vote, study shows

Live Nation confirms Ticketmaster breach after hackers hawk stolen info of 560 million

Crooks threaten to leak 2.9B records of personal info

Hacking Millions of Modems (and Investigating Who Hacked My Modem)

Telegram Combolists and 361M Email Addresses

Google Leak Reveals Thousands of Privacy Incidents

Molding lies into reality || Exploiting CVE-2024-4358

Cyber house of cards – Politicians’ personal details exposed online

Ticketmaster confirms massive breach after stolen data for sale online

Shalev Hulio Made Pegasus Spyware, Now He’s King of Israeli AI

Hackers phish finance orgs using trojanized Minesweeper clone

Space secrets security update

Ticketmaster confirms data breach with a SEC filing

Hacker Releases Jailbroken "Godmode" Version of ChatGPT

Zero Day Initiative — CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud

Spyware maker pcTattletale says it's 'out of business' and shuts down after data breach | TechCrunch

Exiled, then spied on: Civil society in Latvia, Lithuania, and Poland targeted with Pegasus spyware

Active exploitation of unauthenticated stored XSS vulnerabilities in WordPress Plugins

OpenAI finds Russian, Chinese propaganda campaigns used its tech

The Pumpkin Eclipse

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader

Data breach exposes details of 25,000 current and former BBC employees

Check Point - Wrong Check Point (CVE-2024-24919)

An Anonymous Source Shared Thousands of Leaked Google Search API Documents with Me; Everyone in SEO Should See Them

macOS version of elusive 'LightSpy' spyware tool discovered

Operators of 911 S5 residential proxy service subjected to US sanctions

PoC Exploit Released For macOS Privilege Escalation Vulnerability

Troy Hunt: Operation Endgame

Largest ever operation against botnets hits dropper malware ecosystem | Europol

Cybercriminals pose as "helpful" Stack Overflow users to push malware

How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet | WIRED

TeamCity Major Bug-Fix Release for All Versions: Update Your Server Now | The TeamCity Blog

Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)

From Origins to Operations: Understanding Black Basta Ransomware

CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive

Pegasus in Rwanda: Sister of presidential candidate, high-ranking Rwandan politicians added to spyware list

Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling

Cyber Signals: Inside the growing risk of gift card fraud

Pwn2Own Toronto 2022 : A 9-year-old bug in MikroTik RouterOS

Exploiting the Cloud: How SMS Scammers are using Amazon, Google and IBM Cloud Services to Steal Customer Data

New ShrinkLocker ransomware uses BitLocker to encrypt your files

Foxit PDF “Flawed Design” Exploitation

Invisible miners: unveiling GHOSTENGINE’s crypto mining operations — Elastic Security Labs

Putin hijacked Austria’s spy service. Now he's going after its government

Hacker defaces spyware app’s site, dumps database and source code

Malicious PyPI packages targeting highly specific MacOS machines

How Apple Wi-Fi Positioning System can be abused to track people around the globe

A root-server at the Internet’s core lost touch with its peers. We still don’t know why.

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack | Rapid7 Blog

Criminal record database of millions of Americans dumped online

CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive

'Got that boomer!': How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts | TechCrunch

QNAPping At The Wheel (CVE-2024-27130 and friends)

Exclusive: Flutterwave loses ₦11 billion in security breach

Arup revealed as victim of $25 million deepfake scam involving Hong Kong employee | CNN Business

Microsoft will require MFA for all Azure users

Cybercriminals Exploit Docusign With Customizable Phishing Templates

Russian hackers use new Lunar malware to breach a European govt's agencies

To the Moon and back(doors): Lunar landing in diplomatic missions

Log4j Exploited by XMRig Cryptominer Malware: Analysis & Mitigation

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets

Cyber Official Speaks Out, Reveals Mobile Network Attacks in U.S.

Popular Cyber Crime Forum Breach Forums Seized by Police

An Infostealer's Brewin': Cuckoo & AtomicStealer Get Creative

Investigation into Helsinki Education Division data breach proceeds | City of Helsinki

PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers

Leveraging DNS Tunneling for Tracking and Scanning

2023 Kaspersky Incident Response report

Malicious Go Binary Delivered via Steganography in PyPI

Ongoing Malvertising Campaign leads to Ransomware

Distribution of DanaBot Malware via Word Files Detected by AhnLab EDR

My life as a Chinese spy: Secret police agent tells all - ABC News

Stolen children’s health records posted online in extortion bid

Europol confirms web portal breach, says no operational data stolen

Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw

Big Vulnerabilities in Next-Gen BIG-IP

Zscaler takes "test environment" offline after rumors of a breach

Chinese network behind one of world’s ‘largest online scams’

UK confirms Ministry of Defence payroll data exposed in data breach

What we learned from the indictment of LockBit’s mastermind

Proton Mail Discloses User Data Leading to Arrest in Spain

POLITICO Europe

CVE-2024-3661: TunnelVision - How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak — Leviathan Security Group - Penetration Testing, Security Assessment, Risk Advisory

These Dangerous Scammers Don’t Even Bother to Hide Their Crimes

Statement of the MFA on the Cyberattacks Carried by Russian Actor APT28 on Czechia |

Watch out for tech support scams lurking in sponsored search results

Gird your loins, there’s a new pre-auth RCE in Ivanti boxes landing

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Google shares update on passkeys and new ways to protect accounts

Marriott admits it falsely claimed for five years it was using encryption during 2018 breach | CSO Online

Analysis of TargetCompany's Attacks Against MS-SQL Servers (Mallox, BlueSky Ransomware)

New “Goldoon” Botnet Targeting D-Link Devices

Operation PANDORA shuts down 12 phone fraud call centres

Op Pandora puts suspected phone fraudsters back in the box

Eight Arms to Hold You: The Cuttlefish Malware

Hacker free-for-all fights for control of home and office routers everywhere

macOS Adload | Prolific Adware Pivots Just Days After Apple’s XProtect Clampdown

French hospital CHC-SV refuses to pay LockBit extortion demand

Microsoft needs to win back trust

Nearly 20% of Docker Hub Repositories Spread Malware & Phishing Scams

Baltic countries blame Russia for GPS jamming of commercial flights

Vastaamo hack: Therapy notes hacker jailed for blackmail

Malware: Cuckoo Behaves Like Cross Between Infostealer and Spyware

Global attacker median dwell time continues to fall

The walls of Apple’s garden are tumbling down

WP Automatic WordPress plugin hit by millions of SQL injection attacks

Okta warns of "unprecedented" credential stuffing attacks on customers

PS4/PS5: TheFloW discloses Kernel vulnerability relying on old bug from 2006, impacts PS4 up to 11.00 & PS5 up to 8.20, more details in May

Chinese Keyboard App Vulnerabilities Explained

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

Unplugging PlugX: Sinkholing the PlugX USB worm botnet

France seeks new EU sanctions to target Russian disinformation

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

LOCKBIT Black's Legacy: Unraveling The DragonForce Ransomware Connection - Cyble

Kapeka: A novel backdoor spotted in Eastern Europe

GreyNoise Labs - Decrypting FortiOS 7.0.x

GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining - Avast Threat Labs

How a Massive Hack of Psychotherapy Records Revealed a Nation’s Secrets

CVE-2024-20356: a Cisco appliance to run DOOM

DDoS platform shut down by international law enforcement agencies

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

Unauthenticated function injection vulnerability in WordPress Shortcode Addons plugin (unpatched). – NinTechNet

‘Large volume’ of data stolen from UN agency after ransomware attack

MITRE says state hackers breached its network via Ivanti zero-days

LastPass Users Lose Master Passwords to Ultra-Convincing Scam

Ransomware payments drop to record low of 28% in Q1 2024

‘The machine did it coldly’: Israel used AI to identify 37,000 Hamas targets

Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist | TechCrunch

'Crude' ransomware tools proliferating on the dark web for cheap, researchers find

Ransomware attack has cost UnitedHealth $872 million; total expected to surpass $1 billion

Cisco: Hacker breached multifactor authentication message provider on April 1

The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider | Trend Micro (US)

New Backdoor, MadMxShell

Idle GPUs Are the Devil's Workshop

Students turning to cyberfraud as huge phishing

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities | WIRED

Over 500 people targeted by Pegasus spyware in Poland, officials say

Ivanti warns of critical flaws in its Avalanche MDM solution

Security Brief: TA547 Targets German Organizations with Rhadamanthys Stealer

Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)

DDoS threat report for 2024 Q1

The US Government Has a Microsoft Problem

Change Healthcare stolen patient data leaked by ransomware gang

Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects

Leaked LockBit builder in a real-life incident response case | Securelist

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering | Proofpoint US

CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft

Automating Pikabot’s String Deobfuscation

World-first “Cybercrime Index” ranks countries by cybercrime threat

Top Israeli spy chief exposes his true identity in online security lapse | Israel | The Guardian

Ransomware gang’s new extortion trick? Calling the front desk

Targus discloses cyberattack after hackers detected on file servers

Attempted Audio Deepfake Call Targets LastPass Employee

Roku says 576,000 user accounts hacked after second security incident

Researchers discover new ransomware gang ‘Muliaka’ attacking Russian businesses

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

Kaspersky analysis of the backdoor in XZ

Romania-linked ‘Rubycarp’ hackers look for cryptomining, phishing DDoS opportunities

Hacker doxxes nearly every adult in El Salvador

Vulnerabilities Identified in LG WebOS

Security Advisory YSA-2024-01

Microsoft employees exposed internal passwords in security lapse

Muddled Libra’s Evolution to the Cloud

+92,000 Internet-facing D-Link NAS devices can be easily hacked

Price of zero-day exploits rises as companies harden products against hackers

Over 92,000 exposed D-Link NAS devices have a backdoor account

Bringing process injection into view(s): exploiting all macOS apps using nib files · Sector 7

Researchers Observed Visual Studio Code Extensions Steals

Qakbot Strikes Back: Understanding the Threat

Distinctive Campaign Evolution of Pikabot Malware

Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption

Ukraine gives award to foreign vigilantes for hacks on Russia

Kobold letters

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.

A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

Ukrainian cybersecurity official reveals structure of Russian hacker groups

Exclusive: Hackers stole Russian prisoner database to avenge death of Navalny

DJI Mavic 3 Drone Research: Vulnerability Analysis

Threat Actors Deliver Malware via YouTube Video Game Cracks

Microsoft could have prevented Chinese cloud email hack, US cyber report says

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind

Google fixes two Pixel zero-day flaws exploited by forensics firms

Introducing Sunlight, a CT implementation built for scalability, ease of operation, and reduced cost - Let's Encrypt

The Open Source Community is Building Cybersecurity Processes for CRA Compliance

OWASP Data Breach Notification

GitHub - amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

Facebook snooped on users’ Snapchat traffic in secret project, documents reveal | TechCrunch

What we know about the xz Utils backdoor that almost infected the world

Infostealers continue to pose threat to macOS users

Vulnerabilities Year-in-Review: 2023

State of WordPress Security In 2024

Claro Company Hit by Trigona Ransomware

Check if you're vulnerable to CVE-2024-3094

xz/liblzma: Bash-stage Obfuscation Explained - gynvael.coldwind//vx.log

From OneNote to RansomNote: An Ice Cold Intrusion - The DFIR Report

Serious security breach hits EU police agency

AT&T confirms data for 73 million customers leaked on hacker forum

The Darkside of TheMoon

EU bans anonymous crypto payments to hosted wallets

PHP Obfuscator with Backdoor

Easy privilege escalation exploit lands for Linux kernels

Urgent security alert for Fedora 41 and Fedora Rawhide users

Ransomware gang leaks stolen Scottish healthcare patient data in extortion bid

AI bots hallucinate software packages and devs download them

Decade-old Linux ‘wall’ bug helps make fake SUDO prompts, steal passwords

PyPI halted new users and projects while it fended off supply-chain attack

Jeffrey Epstein's Island Visitors Exposed by Data Broker

Diving Deeper into AI Package Hallucinations

Lighter Ransomware Locks Users Out of System

Out of the shadows - ’darcula’ iMessage and RCS smishing attacks target USPS and global postal services

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

Finland confirms APT31 hackers behind 2021 parliament breach

Google: Spyware vendors behind 50% of zero-days exploited in 2023

BlueSpy - Spying on Bluetooth conversations

New ZenHammer memory attack impacts AMD Zen CPUs

Why X86 Needs To Die

Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit

Over 170K users hit by poisoned Python package ruse

New Go loader pushes Rhadamanthys stealer

APT29 Uses WINELOADER to Target German Political Parties | Mandiant

IMF Investigates Cyber-Security Incident

Change Healthcare ransomware attack disrupting industry nationwide

Darknet marketplace Nemesis Market seized by German police

Large-Scale StrelaStealer Campaign in Early 2024

Google Online Security Blog: Vulnerability Reward Program: 2023 Year in Review

The iSOON Disclosure: Exploring the Integrated Operations Platform

Ransomware Recruitment Efforts Following Law Enforcement Disruption

Apple Sued for Prioritizing Market Dominance Over Security

OpenAI's chatbot store is filling up with spam

Exploit released for Fortinet RCE bug used in attacks, patch now

Unpatchable vulnerability in Apple chip leaks secret encryption keys

Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds | WIRED

Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season

Managing Attack Surface | Huntress Blog

The Updated APT Playbook: Tales from the Kimsuky threat actor group | Rapid7 Blog

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

Ivanti fixes critical Standalone Sentry bug reported by NATO

AceCryptor malware has surged in Europe, researchers say

Microsoft Copilot for Security: General Availability details

Loop DoS: New Denial-of-Service attack targets application-layer protocols

Top 5 Russian-Speaking Dark Web Forums

Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762

Misconfigured Firebase instances leaked 19 million plaintext passwords

New Attack Techniques Bypassing ML Security

Finland, Germany, Ireland, Japan, Poland, South Korea added to US-led spyware agreement

Interesting Multi-Stage StopCrypt Ransomware Variant Propagating in the Wild

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks | Trend Micro (US)

Researchers spot updated version of malware that hit Viasat

IT helpdeskers increasingly targeted by cybercriminals

Elon Musk's SpaceX builds spy satellite network for U.S. intelligence

'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors

National Vulnerability Database: Opaque changes and unanswered questions

Why hackers are targeting young public school students

Linux Foundation Launches Tazama: A Revolutionary Open Source Solution for Real-Time Fraud Management

Exclusive: After LockBit’s takedown, its purported leader vows to hack on

Google Chrome gets real-time phishing protection later this month

The Architects of Evasion: a Crypters Threat Landscape

DarkGate Opens Organizations for Attack via Skype, Teams

Salt Labs research finds security flaws within ChatGPT Ecosystem (Remediated)

Researchers found multiple flaws in ChatGPT plugins

Secret Backdoor Codes in Safe Locks

GhostSec’s joint ransomware operation and evolution of their arsenal

World’s first major act to regulate AI passed by European lawmakers

LockBit ransomware affiliate gets four years in jail, to pay $860k

Threat actors leverage document publishing sites for ongoing credential and session token theft

JetBrains vulnerability exploitation highlights debate over 'silent patching'

Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities

CISA forced to take two systems offline last month after Ivanti compromise

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Switzerland: Play ransomware leaked 65,000 government documents

Flipper Zero WiFi phishing attack can unlock and steal Tesla cars

The Anatomy of an ALPHA SPIDER Ransomware Attack

Microsoft AI engineer says Copilot Designer creates disturbing images

US sanctions founder of spyware maker Intellexa for targeting Americans | TechCrunch

Duvel says it has "more than enough" beer after ransomware attack

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

It’ll be back: Attackers still abusing Terminator tool and variants

ACEMAGIC Addresses Virus Incident: Proactive Measures and Solutions

RATs Distributed Through Skype, Zoom, & Google Meet Lures

Rapid7 flames JetBrains over vulnerability disclosure

BlackCat ransomware shuts down in exit scam, blames the "feds"

Ukraine Claims it Hacked Russian MoD - Infosecurity Magazine

CVE-2024-21762 Vulnerability Scanner for FortiGate…

How AMOS macOS Stealer Avoids Detection

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Police seized Crimemarket, the largest German-speaking cybercrime marketplace

BlackCat ransomware turns off servers amid claim they stole $22 million ransom

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

Russia’s chief propagandist leaks intercepted German military Webex conversation

Ubiquiti owners warned Moscow may build another botnet • The Register

ALPHV/BlackCat hits healthcare after retaliation threat, FBI says

Popular video doorbells can be easily hijacked, researchers find

US prescription market hamstrung for 9 days (so far) by ransomware attack | Ars Technica

Russia publishes German army meeting on Ukraine

NoName057(16) DDoSia project: 2024 updates and behavioural shifts

Here Come the AI Worms

GitHub besieged by millions of malicious repositories in ongoing attack | Ars Technica

CISA cautions against using hacked Ivanti VPN gateways even after factory resets

Failles d’Ivanti : une centaine d’organisations victimes en France

The Predator spyware ecosystem is not dead

DNS Used to Hide Fake Investment Platform Schemes | Infoblox

BlackCat Ransomware Affiliate TTPs

Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day - Avast Threat Labs

Google CEO Sundar Pichai calls AI tool’s responses ‘completely unacceptable’

Civil society complaint raises concern that LinkedIn is violating DSA ad targeting restrictions

Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities

PIKABOT, I choose you!

SEO Poisoning to Domain Control: The Gootloader Saga Continues

LockBit ransomware returns, restores servers after police disruption

U.S. and U.K. Disrupt LockBit Ransomware Variant | United States Department of Justice

How your sensitive data can be sold after a data broker goes bankrupt

Ransomware Operation LockBit Reestablishes Dark Web Leak Site

Hackers Leak 2.5M Private Plane Owners' Data Linked to LA Intl. Airport Breach

Avast fined $16.5 million for ‘privacy’ software that actually sold users’ browsing data

Jamf says 9% of smartphone have fallen for phishing attacks

Multiple XSS flaws in Joomla can lead to remote code execution

Scattered Spider laying new eggs

ConnectWise ScreenConnect: Authentication Bypass Deep Dive

A first analysis of the i-Soon data leak

Apple iOS 17.4: iMessage Gets Post-Quantum Encryption in New Update

European Parliament finds spyware on defense committee members’ phones

Anatsa Banking Trojan Resurfaces, Targets European Banks

Police arrests LockBit ransomware members, release decryptor in global crackdown

Law enforcement disrupt world’s biggest ransomware operation

Cactus ransomware claim to steal 1.5TB of Schneider Electric data

Ransomware Experts See Problems With Banning Ransom Payments

LockBit ransomware gang disrupted by international law enforcement operation

Several Ukrainian media outlets attacked by Russian hackers

LockBit ransomware disrupted by global police operation

ESET fixed high-severity local privilege escalation bug in Windows products

Poland's PM says authorities in the previous government widely and illegally used Pegasus spyware | AP News

Air Canada must honor refund policy invented by airline’s chatbot

Code injection or backdoor: A new look at Ivanti’s CVE-2021-44529

Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign

Google launches AI Cyber Defense Initiative to improve security infrastructure

New ‘Magic’ Gmail Security Uses AI And Is Here Now, Google Says

BMW security lapse exposed sensitive company information, researcher finds

Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors

Spyware startup Variston is losing staff — some say it’s closing

Ukrainian national pleads guilty for roles in Zeus, IcedID malware operations

Threat Intel Accelerates Detection & Response

Disrupting malicious uses of AI by state-affiliated threat actors

Patch Tuesday - February 2024

Denmark orders schools to stop sending student data to Google

The Risks of the #MonikerLink Bug in Microsoft Outlook and the Big Picture

Zoom fixed critical flaw CVE-2024-24691 in Windows software

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments

New MacOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group

EU capitals fear Russian retaliation and cyberattacks after asset freezes

Fake LastPass App Sneaks Past Apple's Review Team

KV-Botnet: Don’t call it a Comeback - Lumen

New RustDoor macOS malware impersonates Visual Studio update

World Govs, Tech Giants Sign Spyware Responsibility Pledge

Hyundai Motor Europe hit by Black Basta ransomware attack

Ivanti: Patch new Connect Secure auth bypass bug immediately

Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure

Raspberry Pi Pico cracks BitLocker in under a minute

Ransomware Hit $1 Billion in 2023

Security Researcher Allegedly Hacked Apple’s Backend, Scammed $2.5 Million

Thanksgiving 2023 security incident

Chinese hackers infect Dutch armed forces network with malware

Fingerprint photo led investigators to therapy centre hacking suspect

Zero Day Initiative — CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

Government hackers targeted iPhones owners with zero-days, Google says

Ransomware Retrospective 2024: Unit 42 Leak Site Analysis

45,000 Jenkins servers remain vulnerable to RCE attacks

Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’

Leaky Vessels flaws allow hackers to escape Docker, runc containers

Zyxel VPN Series Pre-auth Remote Command Execution

AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web

Investigation: Apparent Russian disinformation group posing as ex-president Poroshenko targets foreign fighters in Ukraine

AnyDesk says hackers breached its production servers, resets passwords

There Are Too Many Damn Honeypots

Here is Apple's official 'jailbroken' iPhone for security researchers | TechCrunch

How Memory Forensics Revealed Exploitation of Ivanti Connect Secure VPN Zero-Day Vulnerabilities

Apple fixes zero-day bug in Apple Vision Pro that 'may have been exploited'

DarkGate malware delivered via Microsoft Teams - detection and response

The "EventLogCrasher" 0day For Remotely Disabling Windows Event Log, And a Free Micropatch For It

Evolution of UNC4990: Uncovering USB Malware's Hidden Depths

Binance Code and Internal Passwords Exposed on GitHub for Months

Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver 

Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()

Hundreds of network operators’ credentials found circulating in Dark Web

New Go-based Malware Loader Discovered I Arctic Wolf

How a mistakenly published password exposed Mercedes-Benz source code

Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours

Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub

Trello API abused to link email addresses to 15 million accounts

NSA is buying Americans’ internet browsing records without a warrant

Researchers Say the Deepfake Biden Robocall Was Likely Made With Tools From AI Startup ElevenLabs

Russian developer of Trickbot malware sentenced to five years in prison

Midnight Blizzard: Guidance for responders on nation-state attack

23andMe data breach: Hackers stole raw genotype data, health reports

Inside a Global Phone Spy Tool Monitoring Billions

X is being flooded with graphic Taylor Swift AI images

HPE reveals Russian attackers accessed internal emails

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

AI will make scam emails look genuine, UK cybersecurity agency warns

SEC says X account hack was due to SIM swapping

CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT | Rapid7 Blog

Info Stealing Packages Hidden in PyPI

Atlassian Confluence Server RCE attacks underway

178,000 SonicWall firewalls are vulnerable to old DoS bugs

Technology News Government News Get more insights with the Recorded Future Intelligence Cloud. Learn more. In alerting about two Citrix bugs, CISA recommends immediate attention for one

A backdoor with a cryptowallet stealer inside cracked macOS software

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

Microsoft network breached through password-spraying by Russian-state hackers

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Jamf Threat Labs Discovers Pirated macOS Apps Similar to ZuRu Malware

Ivanti Connect Secure VPN Exploitation: New Observations

Researcher uncovers one of the biggest password dumps in recent history

Why Join The Navy If You Can Be A Pirate?

A Victim of Mallox Ransomware: How Truesec CSIRT Fought Back

The Many Faces of Undetected macOS InfoStealers | KeySteal, Atomic & CherryPie Continue to Adapt

MacOS info-stealers quickly evolve to evade XProtect detection

iShutdown scripts can help detect iOS spyware on your iPhone

LeftoverLocals: Listening to LLM responses through leaked GPU local memory

Bigpanzi Exposed: The Hidden Cyber Threat Behind Your Set-Top Box

NoName057(16) |

CVE-2023-46805

Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic

Ivanti Connect Secure VPN Exploitation Goes Global

Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows

Chrome Users Now Worth 30% Less Money Thanks to Google's Cookie Killing, Ad Firm Says

Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days

Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887

Further analysis of Denmark attacks leads to warning about unpatched network gear

Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

ShinyHunters member gets 3 years in prison for breaching 60 firms

Turkish hackers targeting database servers with Mimic ransomware

Anthropic researchers find that AI models can be trained to deceive

CVE-2024-21591 - Juniper J-Web OOB Write vulnerability

Hackers can infect network-connected wrenches to install ransomware

Cryptojacker arrested in Ukraine over EUR 1.8 million mining scheme

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Attack of the week: Airdrop tracing – A Few Thoughts on Cryptographic Engineering

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) | STAR Labs

Linux devices are under attack by a never-before-seen worm | Ars Technica

AirDrop 'Cracked' By Chinese Authorities to Identify Senders

Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN

NSA official: hackers use AI bots like ChatGPT to perfect English

SEC Has Not Approved Bitcoin ETFs, but Its Hacked X Account Briefly Said Otherwise

Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police

Netgear, Hyundai latest X accounts hacked to push crypto drainers

Ransomware gang takes credit for Christmas attack on global Lutheran organization

WCC hit by ransomware attack

Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran

Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking

Dutch man sabotaged Iranian nuclear program without Dutch government's knowledge: report

Multiple vulnerabilities in Lantronix EDS-MD IoT gateway for medical devices

LastPass to enforce a 12-character requirement for master passwords

CVE-2023-27532

ALPHV Ransomware Claims Cyberattack on US Firm Ultra Intelligence and Communications

Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices | FortiGuard Labs

Analyzing DPRK's SpectralBlur

Ivanti warns critical EPM bug lets hackers hijack enrolled devices

Weak password and infostealer blamed for Orange Spain outage

Hacker hijacks Orange Spain RIPE account to cause BGP havoc

The State of Ransomware in the U.S.: Report and Statistics 2023

Qualcomm chip vulnerability enables remote attack by voice call

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

The biggest cybersecurity and cyberattack stories of 2023

Porsche To Kill ICE-Powered Macan In Europe Over Cybersecurity Laws | Carscoops

Downfall - A Slay the Spire Fan Expansion :: Downfall (Steam Standalone) was Breached. Please read.

Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania

CVE-2023-46747 : Unauthenticated Remote Code Execution in F5 BIG-IP - Malware Analysis - Malware Analysis, News and Indicators

Hackers Attack UK's Nuclear Waste Services Through LinkedIn

Victoria Courts Confront Unprecedented Ransomware Assault on AV Technology Network

Objective-See's Blog

A New Kind of AI Copy Can Fully Replicate Famous People. The Law Is Powerless.

ChatGPT-aided ransomware in China results in four arrests as AI raises cybersecurity concerns | South China Morning Post

New Black Basta decryptor exploits ransomware flaw to recover files

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies

Russian military hackers target Ukraine with new MASEPIE malware

Ukraine war: What's the impact of cyber guerrillas?

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances

‘Wall of Flippers’ detects Flipper Zero Bluetooth spam attacks

Hackers stole $2 billion in crypto in 2023, data shows

Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware

Lockbit ransomware disrupts emergency care at German hospitals

Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network

Microsoft disables MSIX protocol handler abused in malware attacks

This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy

Operation Triangulation: The last (hardware) mystery

The Disturbing Impact of the Cyberattack at the British Library

GTA 5 source code reportedly leaked online a year after RockStar hack

Ubisoft says it's investigating reports of a new security breach

Personal Information Exploit on OpenAI’s ChatGPT Raise Privacy Concerns

Google Search Overwhelmed By Massive Spam Attack

Crypto drainer steals $59 million from 63k people in Twitter ad push

Android Banking Trojan Chameleon can now bypass any Biometric Authentication

BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates

German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa

Russian Water Utility Cyberattack Impacts 6000 Systems

Lapsus$: GTA 6 hacker handed indefinite hospital order

Healthcare software provider data breach impacts 2.7 million

SSH protects the world’s most sensitive networks. It just got a lot weaker

Snikt! Rhysida dumps more than a terabyte of Insomniac Games’ internal data

Qakbot's Back, But Don't Y'all Panic: A Southern Tech Talk

Unveiling VISS: a revolutionary approach to vulnerability impact scoring

Web injections are back on the rise: 40+ banks affected by new malware campaign

Terrapin attacks can downgrade security of OpenSSH connections

Xfinity waited to patch critical Citrix Bleed 0-day. Now it’s paying the price

Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice

Authorities claim seizure of notorious ALPHV ransomware gang's dark web leak site | TechCrunch

Vans, Supreme owner VF Corp. says personal data stolen and orders impacted in suspected ransomware attack | TechCrunch

Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains

The Curious Case of Predatory Sparrow

FBI: Play ransomware gang has attacked 300 orgs since 2022

SMTP Smuggling - Spoofing E-Mails Worldwide

Ukrainian cellular and Internet still out, 1 day after suspected Russian cyberattack | Ars Technica

Rhadamanthys v0.5.0 - a deep dive into the stealer’s components

MongoDB says customer data was exposed in a cyberattack

QNAP VioStor NVR vulnerability actively exploited by malware botnet

Microsoft’s AI Chatbot Replies to Election Questions With Conspiracies, Fake Scandals, and Lies

Marketing Company Claims That It Actually Is Listening to Your Phone and Smart Speakers to Target Ads

Exploiting GOG Galaxy XPC service for privilege escalation in macOS

Imperva Uncovers CVE-2023-22524, A RCE Vulnerability

3CX warns customers to disable SQL database integrations

A pernicious potpourri of Python packages in PyPI

Paternity and fertility tests among data stolen in Asper Biogene cyberattack | News | ERR

Supply chain attack targeting Ledger crypto wallet leaves users hacked

CVE-2023-50164

Ledger's Web3 Connector library was compromised and replaced with a drainer

Apple will no longer give police users' push notification data without a warrant

Hackers are exploiting critical Apache Struts flaw using public PoC

Ukraine’s intelligence claims cyberattack on Russia’s state tax service

CALISTO doxxing : Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets

Threat actors misuse OAuth applications to automate financially driven attacks

Spider-Man And Wolverine Devs Hit By Alleged Ransomware Attack

Apple’s new iPhone security setting keeps thieves out of your digital accounts

AlphV’s bid to report its victim to the SEC could backfire

pfSense Security: Sensing Code Vulnerabilities with SonarCloud

One in four apps remain exposed to Log4Shell

Sophos backports RCE fix after attacks on unsupported firewalls

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

US healthcare giant Norton says hackers stole millions of patients' data during ransomware attack | TechCrunch

The EU Just Passed Sweeping New Rules to Regulate AI

Amazon sues group that fakes returns so people can get free MacBooks - The Verge

Early Warning Notification - the use of Bluetooth trackers for geolocation in organised crime | Europol

Russian Hacker Vladimir Dunaev Pleads Guilty for Creating TrickBot Malware

Inside Job: How a Hacker Helped Cocaine Traffickers Infiltrate Europe’s Biggest Ports

Using AI to Automatically Jailbreak GPT-4 and Other LLMs in Under a Minute

Scanning Danger: Unmasking the Threats of Quishing

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Fighting Ursa Aka APT28: Illuminating a Covert Campaign

Star Blizzard increases sophistication and evasion in ongoing attacks

UK names FSB unit behind hack-and-leak campaigns, summons Russian ambassador

Rhysida ransomware gang claimed China Energy hack

PLC Hacking - More Commonplace Than You Might Think

Researchers discover dozens of new bugs affecting Sierra Wireless routers

Jamf Threat Labs: Fake Lockdown Mode proof of concept

Analysis of a new macOS Trojan-Proxy

Apple Confirms Governments Using Push Notifications to Surveil Users - MacRumors

Windows 10 gets three more years of security updates, if you can afford them | Ars Technica

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Russian Hackers’ Lawsuit Reveals Weaknesses In Apple’s iOS 16

23andMe confirms hackers stole ancestry data on 6.9 million users

P2Pinfect - New Variant Targets MIPS Devices

Phineas Fisher, Hacktivism, and Magic Tricks

N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection

The Far-Reaching Consequences of LogoFAIL

Vidar Infostealer Steals Booking.com Credentials in Fraud Scam

Cyber Threats affecting "International Geneva"

Qlik Sense Remote Code Execution Technical Exploitation -

New BLUFFS attack lets attackers hijack Bluetooth connections

Okta reveals additional attackers' activities in October 2023 Breach

Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals

Diamond Sleet supply chain compromise distributes a modified CyberLink installer

Welltok data breach exposes data of 8.5 million US patients

Japan space agency hit with cyberattack, rocket and satellite info not accessed | Reuters

InfectedSlurs Botnet Spreads Mirai via Zero-Days

Spyware Targeting Against Serbian Civil Society - The Citizen Lab

Spyware in Serbia: civil society under attack - Access Now

DP World confirms data stolen in cyberattack, no ransomware used

DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads

Report claims to reveal identity of Russian hacktivist leader

440,000 Sets of Personal Info Affected by Hack of Line Operator | Nippon.com

Telekopye: Chamber of Neanderthals’ secrets

Into the Trash: Analyzing LitterDrifter

iPhone: Why Apple is working hard to break into its own phones

USB worm unleashed by Russian state hackers spreads worldwide

Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet | Ars Technica

The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets

How to bypass Windows Hello, log into vulnerable laptops

Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors

Meet the Unique New "Hacking" Group: AlphaLock

Artificial Intelligence in Education – Legal Best Practices

Building an Exploit for FortiGate Vulnerability…

InfectedSlurs Botnet Spreads Mirai via Zero-Days

Understanding the Phobos affiliate structure and activity

Atomic Stealer distributed to Mac users via fake browser updates

Rhysida ransomware gang claims attack on British Library • The Register

Nearly 9 million patients' records compromised in data breach

Lumma Stealer malware now uses trigonometry to evade detection

GitHub - yunuscadirci/DIALStranger: details about DIAL protocol vulnerabilities

Thornaby: Woman targeted in £13k train station QR code scam

2023’s ransomware rookies are a remix of Conti and other classics

Hackers swipe Booking.com, damage from attack is global

Gang says ICBC paid ransom over hack that disrupted US Treasury market | Reuters

Toyota confirms breach after Medusa ransomware threatens to leak data

Zimbra 0-day used to target international government organizations

European Telecom Body to Open-Source Radio Encryption System

Uncovering thousands of unique secrets in PyPI packages

In a first, cryptographic keys protecting SSH connections stolen in new attack | Ars Technica

Google’s new Titan Security Keys let you store passkeys

Intel fixes high-severity CPU bug that causes “very strange behavior”

A Closer Look at ChatGPT's Role in Automated Malware Creation

The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story | WIRED

C3RB3R Ransomware | Ongoing Exploitation of CVE-2023-22518 Targets Unpatched Confluence Servers - SentinelOne

Google researchers discover 'Reptar,’ a new CPU vulnerability

District of Puerto Rico | Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World | United States Department of Justice

Microsoft Patch Tuesday November 2023

The $2,000 Phones that Let Anyone Make Robocalls

Child sexual abuse online: effective measures, no mass surveillance

Nothing new, still broken, insecure by default since then: Python's e-mail libraries and certificate verification

GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel

Malaysian Police Dismantle “BulletProftLink” Phishing Operation

Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack

Ivanti EPMM CVE-2023-39335/39337

Here’s How Violent Extremists Are Exploiting Generative AI Tools

DP World: Australian ports to remain closed as AFP investigates cybersecurity breach

Apple neglects to patch multiple critical vulnerabilities in macOS

CVE-2023-38548

Detecting “Effluence”, an Unauthenticated Confluence Web Shell

ICBC hit by ransomware impacting global trades

Dozens of npm Packages Caught Attempting to Deploy Reverse Shell

Nude “before and after” photos stolen from plastic surgeon, posted online, and sent to victims' family and friends

Ransomware attack on ICBC disrupts trades in US Treasury market

Cloudflare website downed by DDoS attack claimed by Anonymous Sudan

Microsoft Temporarily Blocked Internal Access to ChatGPT, Citing Data Concerns

Atlassian confirms ransomware is exploiting latest Confluence bug

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology

Malvertiser copies PC news site to deliver infostealer

Android Kitchen Sink: Send BLE spam to iOS, Android and Windows at once using Android app - Mobile Hacker

SysAid Zero-Day Vulnerability Exploited by Ransomware Group

SysAid On-Prem Software CVE-2023-47246 Vulnerability

Microsoft offers politicians protection against deepfakes

Predator AI | ChatGPT-Powered Infostealer Takes Aim at Cloud Platforms

Python obfuscation traps

Common Vulnerability Scoring System

ATT&CK v14 Unleashes Detection Enhancements, ICS Assets, and Mobile Structured Detections | by Amy L. Robertson

Jamf Threat Labs Discovers Malware from BlueNoroff

Critical Atlassian Confluence bug exploited in Cerber ransomware attacks

Not so lucky: BlackCat is back!

Discord will switch to temporary file links to block malware delivery

Elastic catches DPRK passing out KANDYKORN — Elastic Security Labs

AI companies have all kinds of arguments against paying for copyrighted content

GhostSec offers Ransomware-as-a-Service Possibly Used to Target Israel

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Four dozen countries declare they won't pay ransomware ransoms | CyberScoop

Apple 'Find My' network can be abused to steal keylogged passwords

Send My: Arbitrary data transmission via Apple's Find My network | Positive Security

New Microsoft Exchange zero-days allow RCE, data theft attacks

Microsoft is overhauling its software security after major Azure cloud attacks

How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime

Mozi botnet goes dark under mysterious circumstances

How a tiny Pacific Island became the global capital of cybercrime

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

Microsoft profiles new threat group with unusual but effective practices

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction

Boeing says 'cyber incident' hit parts business after ransom threat | Reuters

CVE-2023-46604

Massive ransomware attack hinders services in 70 German municipalities

2022 RTF Global Ransomware Incident Map: Attacks continue worldwide, groups splinter, education sector hit hard

Massive cybercrime URL shortening service uncovered via DNS data

CVE-2023-46747

Atlassian warns of critical Confluence flaw leading to data loss

SEC accuses SolarWinds CISO of misleading investors before Russian cyberattack | TechCrunch

Surge in QR Code Quishing: Check Point Records 587% Attack Spike

Two Developers of the Ragnar Locker Ransomware Arrested in Spain

GHOSTPULSE haunts victims using defense evasion bag o' tricks

FakeUpdateRU Chrome Update Infection Spreads Trojan Malware

3 new NGINX ingress controller Kubernetes related vulnerabilities

Introducing HAR Sanitizer: secure HAR sharing

HackerOne paid ethical hackers over $300 million in bug bounties

SIM Swappers Are Working Directly with Ransomware Gangs Now

CVE-2023-45498: RCE in VinChin Backup

Compromising F5 BIGIP with Request Smuggling | CVE-2023-46747

Chatbot Hallucinations Are Poisoning Web Search

A cascade of compromise: unveiling Lazarus' new campaign

Hyundai to hold software-upgrade clinics across the US for vehicles targeted by thieves | AP News

StripedFly: Perennially flying under the radar

Triangulation: validators, post-compromise activity and modules | Securelist

VMSA-2023-0023

Hackers can force iOS and macOS browsers to divulge passwords and much more

Now Android and Windows devices aren't safe from Flipper Zero either | ZDNET

Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately

CVE-2023-4966: NetScaler Critical Security Update Now Available

Battling a new DarkGate malware campaign with Malwarebytes MDR

Citrix Bleed: Leaking Session Tokens with CVE-2023-4966

Okta incident and 1Password | 1Password

1Password Detects Suspicious Activity Following Okta Support Breach

Spain police dismantled a cybercriminal group who stole data of 4 million individuals

Okta stock falls after company says client files accessed by hackers via support system

How Cloudflare mitigated yet another Okta compromise

CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations

Measures taken following the unprecedented cyber-attack on the ICC

Switzerland’s e-voting system has predictable implementation blunder

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

D-Link confirms data breach after employee phishing attack

Ragnar Locker ransomware gang taken down by international police swoop

Casio keyed up after data loss hits customers in 149 countries • The Register

Ukrainian activists hack Trigona ransomware gang, wipe servers

Ragnar Locker ransomware’s dark web extortion sites seized by police

CIA exposed to intelligence interception due to X's URL bug

The forgotten malvertising campaign

Hackers exploit critical flaw in WordPress Royal Elementor plugin

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability

Disclosing the BLOODALCHEMY backdoor

Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)

LinkedIn Smart Links Fuel Credential Phishing Campaign

Users of Telegram, AWS, and Alibaba Cloud targeted in latest supply chain attack

The evolution of Windows authentication

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins

Steam Adds Security Layer for Devs After Some Had Their Accounts Compromised and Malware Was Injected in Games

The Predator Files: European Spyware Consortium Supplied Despots and Dictators

IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits | FortiGuard Labs

HTTP/2 Rapid Reset: deconstructing the record-breaking attack

The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages | Akamai

23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews

90s Vulns In 90s Software (Exim) - Is the Sky Falling?

Rules of engagement issued to hacktivists after chaos

Android TV Boxes Infected with Backdoors, Compromising Home Networks

X-Force uncovers global NetScaler Gateway credential harvesting campaign

n their push for AI-generated content, tech companies are dancing on the edge between fucking around and finding out.

Genetics firm 23andMe says user data stolen in credential stuffing attack

Mirai Botnet's New Wave: hailBot,kiraiBot, catDDoS, and Their Fierce Onslaught - NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

Binarly REsearch Uncovers Major Vulnerabilities in Supermicro BMCs

The evolutionary tale of a persistent Python threat

CVE: Zero-Day Privilege Escalation in Confluence Server & Data Center

Sony confirms data breach impacting thousands in the U.S.

CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so

Vulnerable Arm GPU drivers under active exploitation. Patches may not be available | Ars Technica

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System

Critical vulnerabilities in Exim threaten over 250k email servers worldwide | Ars Technica

Routers have been rooted by Chinese spies US and Japan warn

NSA chief announces new AI Security Center, 'focal point' for AI use by government, defense industry

Vulnerability in popular ‘libwebp’ code more widespread than expected

CVE-2023-42793

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

Sony Investigating After Hackers Offer to Sell Stolen Data

Decade of newborn child registry data stolen in MOVEit mass-hack

From ScreenConnect to Hive Ransomware in 61 hours

PREDATOR IN THE WIRES: Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions

0-days exploited by commercial surveillance vendor in Egypt

All thanks to ‘Big Yellow Taxi’: How State discovered Chinese hackers reading its emails

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

Apple emergency updates fix 3 new zero-days exploited in attacks

International Criminal Court hit with a cyber attack

US-Canada water commission confirms 'cybersecurity incident"

[CVE-2023-42752] integer overflow in Linux kernel leading to exploitable memory access

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog

Leaked Microsoft documents hint at new Doom and Dishonored games

Microsoft AI Employee Accidentally Leaks 38TB of Data

New Python NodeStealer Goes Beyond Facebook Credentials, Now Stealing All Browser Cookies and Login Credentials

BlackCat ransomware hits Azure Storage with Sphynx encryptor

Ransomware flingers hit Manchester cops in the supply chain • The Register

TikTok fined €345M by Irish DPC for violating children’s privacy

When MFA isn't actually MFA

How Google Authenticator made one company’s network breach much, much worse

Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability

macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks

Trojanized Free Download Manager found to contain a Linux backdoor

Threat actor leaks sensitive data belonging to Airbus

Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks

Critical WebP bug: many apps, not just browsers, under threat

With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe? | Ars Technica

PSA: Ongoing Webex malvertising campaign drops BatLoader

Attacker combines phone, email lures into believable, complex attack chain

Ransomware crew hits Save The Children, steals 7TB of data

Microsoft to defend customers on AI copyright challenges

ChatGPT fails in languages like Tamil and Bengali

KNVB paid ransom to prevent cyber criminals from publishing footballers' passports

Cybersecurity issue prompts computer shutdowns at MGM Resorts properties across US

Active North Korean campaign targeting security researchers

North Korea-backed hackers target security researchers with 0-day

The International Criminal Court Will Now Prosecute Cyberwar Crimes

Last Week on My Mac: How quickly can Apple release a security update?

China’s iPhone ban expected to expand to more government agencies soon

Code Vulnerabilities Put Proton Mails at Risk

Mac users targeted in new malvertising campaign delivering Atomic Stealer

Apple discloses 2 new zero-days exploited to attack iPhones, Macs

How China Demands Tech Firms Reveal Hackable Flaws in Their Products

Rockstar Games reportedly sold games with Razor 1911 cracks on Steam

Compromised Microsoft Key: More Impactful Than We Thought

Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs - SecurityWeek

Nascent Malware Campaign Targets npm, PyPI, and RubyGems Developers

What's in a NoName? Researchers see a lone-wolf DDoS group

Okta customers targeted in social engineering scam

Attackers access military data through fencing supplier

China Bans iPhone Use for Government Officials at Work

Zaun Data Breach

Is macOS’s new XProtect behavioural security preparing to go live?

Apple’s Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy

The Emergence of Ransomed: An Uncertain Cyber Threat in the Making

Pay our ransom instead of a GDPR fine, cybercrime gang tells its targets

Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs

VMConnect supply chain attack continues, evidence points to North Korea - Security Boulevard

An Ongoing Open Source Attack Reveals Roots Dating Back To 2021

New Twitter scam in China: sextortion scammers

Hackers modify open-source ‘SapphireStealer’ malware, leading to multiple variants

LogicMonitor customers hit by hackers, because of default passwords | TechCrunch

Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

Qakbot Malware Takedown and Defending Forward

Raising Online Defenses Through Transparency and Collaboration | Meta

How NightOwl for Mac Added a Botnet

Exposing DuckTail

Qakbot botnet infrastructure shattered after international operation

The Cheap Radio Hack That Disrupted Poland’s Railway System

Qakbot botnet dismantled after infecting over 700,000 computers

Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)

Attacks on Citrix NetScaler systems linked to ransomware actor

Adversary On The Defense: ANTIBOT.PW

GTA 6 Hacker Found To Be Teen With Amazon Fire Stick In Small Town Hotel Room

Lapsus$: Court finds teenagers carried out hacking spree

Security advisory: malicious crate rustdecimal

Poland investigates cyber-attack on rail network - BBC News

Met Police admits details of officers at risk of exposure after warrant card supplier was hacked

CVE-2023-36844 And Friends: RCE In Juniper Devices

MOVEit, the biggest hack of the year, by the numbers

Technical Advisory – SonicWall Global Management System (GMS) & Analytics – Multiple Critical Vulnerabilities

Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders – Sophos News

Ransomware infection wipes all CloudNordic servers

Fake Roblox packages target npm with Luna Grabber information-stealing malware

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April | Ars Technica

#NoFilter - Abusing Windows Filtering Platform for Privilege Escalation

British court convicts two teen Lapsus$ members of hacking tech firms

XLoader's Latest Trick | New macOS Variant Disguised as Signed OfficeNote App

Ecuador’s national election agency says cyberattacks caused absentee voting issues

CVE-2023-34127

Sneaky Amazon Google ad leads to Microsoft support scam

Brazilian hacker claims Bolsonaro asked him to hack into the voting system ahead of 2022 vote | AP News

Data Theft Via MOVEit: 4.5 Million More Individuals Affected

Chinese Microsoft hackers also hit GOP Rep. Don Bacon of Nebraska

Threat actors use beta apps to bypass mobile app store security

New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode

Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign

Discord.io confirms breach after hacker steals data of 760K users

The New Frontline of Geopolitics | Understanding the Rise of State-Sponsored Cyber Attacks

Phishing pages placed on hacked websites

Users of cybercrime forums often fall victim to info-stealers, researchers find

Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer

Notorious phishing platform shut down, arrests in international police operation

LinkedIn under attack, malicious hackers seize accounts

PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks

Dark Web Profile: 8Base Ransomware

Raccoon Stealer Announce Return After Hiatus

'DoubleDrive' attack turns Microsoft OneDrive into ransomware

This $70 device can spoof an Apple device and trick you into sharing your password

Ransomware tracker: The latest figures [August 2023]

Meet NoEscape: Avaddon ransomware gang's likely successor

Stealth Mode: Chinese Cyber Espionage Actors Continue to Evolve Tactics to Avoid Detection | Mandiant

Mac systems turned into proxy exit nodes by AdLoad

An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass

Want to pwn a satellite? Turns out it's surprisingly easy

New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips

Analysis: MOVEit hack spawned over 600 breaches but is not done yet -cyber analysts | Reuters

Biden-Harris Administration Launches Artificial Intelligence Cyber Challenge to Protect America’s Critical Software | The White House

Cyber-attack on UK's electoral registers revealed

5 arrested in Poland for running bulletproof hosting service for cybercrime gangs | Europol

Microsoft’s Role in Email Breach by Suspected Chinese Hackers Part of US Inquiry

“Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping

Researchers watched 100 hours of hackers hacking honeypot computers

Interpol takes down 16shop phishing-as-a-service platform

Nearly every AMD CPU since 2017 vulnerable to Inception bug

Spyware maker LetMeSpy shuts down after hacker deletes server data

Don’t you (forget NLP): Prompt injection with control characters in ChatGPT

Midnight Blizzard conducts targeted social engineering over Microsoft Teams

Tenable CEO accuses Microsoft of negligence in addressing security flaw

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability | Rapid7 Blog

Guarding the Bridge: New Attack Vectors in Azure AD Connect

Reptile Malware Targeting Linux Systems

Russia-backed hackers used Microsoft Teams to breach government agencies | TechCrunch

Unpacking the Threats Within: The Hidden Dangers of .zip Domains

Into the tank with Nitrogen

Tomcat Under Attack: Exploring Mirai Malware and Beyond

Apple Crimeware | Massive Rust Infostealer Campaign Aiming for macOS Sonoma Ahead of Public Release

GameOverlay Vulnerability Impacts 40% of Ubuntu Workloads

TETRA Radio Code Encryption Has a Flaw: A Backdoor

Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack

Ivanti warns of second vulnerability used in attacks on Norway gov’t

U.S. Hunts Chinese Malware That Could Disrupt American Military Operations

Two privilege escalation flaws affect 40% of Ubuntu workloads in OverlayFS

Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws

Cryptojacking: Understanding and defending against cloud compute resource abuse

Apple issues third mobile OS update after zero-click spyware campaign

DDoS threat report for 2023 Q2

Apple slams UK surveillance-bill proposals

Threat Actors Add .zip Domains to Their Phishing Arsenals

JumpCloud says 'nation state' gang hit some customers

CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent

[Security Update] Incident Details

WormGPT - The Generative AI Tool Cybercriminals Are Using to Launch BEC Attacks

Microsoft takes pains to obscure role in 0-days that caused email breach

Inside the subsea cable firm secretly helping American take on China

WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks

WordPress plugin installed on 1 million+ sites logged plaintext passwords

AVrecon malware infects 70,000 Linux routers to build botnet

BlackLotus UEFI Bootkit Source Code Leaked on GitHub

Microsoft changes signing key system breached by Chinese hackers to steal US gov’t data

ShadowVault is the latest Mac data-stealer malware, reportedly

Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation

Chinese hackers breached US government email accounts, Microsoft and White House say | CNN Politics

Chinese hackers breached U.S. and European government email through Microsoft bug

The Spies Who Loved You: Infected USB Drives to Steal Secrets

Hackers exploit gaping Windows loophole to give their malware kernel access

Microsoft Revokes Malicious Drivers in Patch Tuesday Culling

Apple releases emergency update to fix zero-day exploited in attacks

Storm-0978 attacks reveal financial and espionage motives

HCA Healthcare patient data stolen and for sale by hackers

Six Malicious Python Packages in the PyPI Targeting Windows Users

It’s Raining Phish and Scams – How Cloudflare Pages.dev and Workers.dev Domains Get Abused | Trustwave

The five-day job: A BlackByte ransomware intrusion case study

Unmasking the Meduza Stealer: Comprehensive Analysis & Countermeasures

Two spyware tied with China found hiding on the Google Play Store

Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks

Hacks targeting British exam boards raise fears of students cheating

FBI digital sting against Hive cybercrime group shows the promise — and limits — of hacking hackers

Port of Nagoya cyberattack: Japanese port paralysed by LockBit

BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection -

Suspected key figure of notorious cybercrime group arrested in joint operation

Clop Ransomware: History, Timeline, And Adversary Simulation

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Following NoName057(16) DDoSia Project’s Targets

Chinese Threat Actors Targeting Europe in SmugX Campaign

Detecting Popular Cobalt Strike Malleable C2 Profile Techniques

Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator

Decrypted: Akira Ransomware

NCSC marks 20th anniversary of first response to state-sponsored cyber attack

TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant

High school changes every student’s password to ‘Ch@ngeme!’

CVE-2023-27997 is Exploitable, and 69% of FortiGate…

TSMC confirms data breach after LockBit cyberattack on third-party supplier

Malware Execution Method Using DNS TXT Record

SEC notifies SolarWinds CISO and CFO of possible action in cyber investigation

Tracing Ransomware Threat Actors Through Stylometric Analysis and Chat Log Examination

Akira Ransomware Extends Reach to Linux Platform

Swiss intelligence warns of fallout in cyberspace as West clamps down on spies

Microsoft Teams vulnerability allows attackers to deliver malware to employees

Dismantling encrypted criminal EncroChat communications leads to over 6 500 arrests and close to EUR 900 million seized

VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors

Siemens Energy confirms data breach after MOVEit data-theft attack

LetMeSpy, a phone tracking app spying on thousands, says it was hacked

Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution

PindOS: New JavaScript Dropper Delivering Bumblebee and IcedID

PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers

Emerging Threat! Exposing JOKERSPY

IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits

Dissecting TriangleDB, a Triangulation spyware implant

Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389

BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities | Recorded Future

ASUS urges customers to patch critical router vulnerabilities

KeePassXC Vulnerability CVE-2023-35866 allows attackers to change the master password and second-factor authentication settings

Anonymous Sudan: Who are the hackers behind Microsoft’s cloud outages?

XSS Vulnerabilities in Azure Led to Unauthorized Access to User Sessions - SecurityWeek

Hijacking S3 Buckets: New Attack Technique

Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks

A simple bug exposed access to thousands of smart security alarm systems

A Shady Chinese Firm’s Encryption Chips Got Inside NATO and NASA

Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China

Suspected LockBit ransomware affiliate arrested, charged in US

Fake Security Researcher GitHub Repositories Deliver Malicious Implant

Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities | TechCrunch

Microsoft Encrypted Restricted Permission Messages Deliver Phishing | Trustwave

Cadet Blizzard emerges as a novel and distinct Russian threat actor | Microsoft Security Blog

The Phantom Menace: Brute Ratel remains rare and targeted

Switzerland under cyberattack

Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs

Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign

Xortigate, or CVE-2023-27997 - The Rumoured RCE That Was

CVE-2023-34362

How North Korea’s Hacker Army Stole $3 Billion in Crypto, Funding Nuclear Program

Shell Recharge security lapse exposed EV drivers’ data

Les CFF et le canton d'Argovie aussi concernés par la cyberattaque qui a touché la société Xplain

MOVEit Transfer and MOVEit Cloud Vulnerability

Turkish Citizens' Personal Data Offered Online After Govt Site Hacked

Pro-Ukraine hackers bring Russian banking system to its knees

Another huge US medical data breach confirmed after Fortra mass-hack

Clop Ransomware Likely Sitting on MOVEit Transfer Vulnerability (CVE-2023-34362) Since 2021

Analysis of CVE-2023-29336 Win32k Privilege Escalation

Unmasking the Darkrace Ransomware Gang

CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief

ChatGPT creates mutating malware that evades detection by EDR

Mass exploitation of critical MOVEit flaw is ransacking orgs big and small | Ars Technica

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362)

GobRAT malware written in Go language targeting Linux routers

How malicious extensions hide running arbitrary code

Hackers steal Swiss police and customs data

Russian Radio Stations Hacked, Fake Putin Message Announcing Invasion of Russia Broadcast

MOVEit hack: BBC, BA and Boots among cyber attack victims

New Magecart-Style Campaign Abusing Legitimate Websites to Attack Others | Akamai

Rapid7 Observed Exploitation of Critical MOVEit Transfer Vulnerability

Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals - SecurityWeek

New macOS vulnerability, Migraine, could bypass System Integrity Protection | Microsoft Security Blog

‘Gravity Forms’ WordPress Plugin Found Vulnerable to PHP Object Injection

Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft

“Clickless” iOS exploits infect Kaspersky iPhones with never-before-seen malware | Ars Technica

A Matter of Triangulation.

Zero Day Initiative — CVE-2023-24941: Microsoft Network File System Remote Code Execution

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor | WIRED

EDR bypassing via memory manipulation techniques | WithSecure™ Labs

New hacking forum leaks data of 478,000 RaidForums members

The professionalization of cyber crime

ABB provides details about IT security incident

Vulnerability in GCP CloudSQL Leads to Data Exposure

Here’s how long it takes new BrutePrint attack to unlock 10 different smartphones

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

Inner workings revealed for “Predator,” the Android malware that exploited 5 0-days

Old Wine in the New Bottle: Mirai Variant Targets Multiple IoT Devices

NHS data breach: trusts shared patient details with Facebook without consent | Health | The Guardian

Armenia spyware victims: Pegasus hacking in war

COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises | Mandiant

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868) - Help Net Security

Chinese Cyberespionage Group BRONZE SILHOUETTE Targets U.S. Government and Defense Organizations

Free VPN Service SuperVPN Exposes 360 Million User Records

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023.

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Malvertising via brand impersonation is back again

German arms company Rheinmetall confirms Black Basta ransomware group behind cyberattack

IT employee impersonates ransomware gang to extort employer

Apple fixes three new zero-days exploited to hack iPhones, Macs

Don't @ Me: URL Obfuscation Through Schema Abuse

BlackCat Ransomware Deploys New Signed Kernel Driver

Up to 100 cases taken over HSE cyberattack, judge told

Beijing Bans Micron as Supplier to Big Chinese Firms, Citing National Security

Popular Android TV boxes sold on Amazon are laced with malware

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

Visualizing QakBot Infrastructure

“FleeceGPT” mobile apps target AI-curious to rake in cash

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

GitHub - vdohney/keepass-password-dumper

Discord discloses data breach after support agent got hacked

SIM Swapping and Abuse of the Microsoft Azure Serial Console: Serial Is Part of a Well Balanced Attack

Malicious VSCode extensions with more than 45K downloads steal PII and enable backdoors - Check Point Blog

Review and analysis of fake Trezor cryptowallet

FBI confirms access to Breached cybercrime forum database

Securonix Threat Labs Security Advisory: Latest Update: Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

Hackers offer personal information of 500,000 Israeli students for sale

Ex-ByteDance Executive Accuses TikTok Parent Company of ‘Lawlessness’

How an Indiana hospital fought to recover from a cyberattack

The Race to Patch: Attackers Leverage Sample Exploit Code in Wordpress Plugin | Akamai

Toyota: Car location data of 2 million customers exposed for ten years

Multinational tech firm ABB hit by Black Basta ransomware attack

White Phoenix: Beating Intermittent Encryption

Critical Privilege Escalation in Essential Addons for Elementor Plugin Affecting 1+ Million Sites

Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020

Akira Ransomware is “bringin’ 1988 back”

infosec company owned completely by 4chan user

Google will provide dark web monitoring to all US Gmail users

Ghost in the network

Cybersecurity Firm Breach Exposes Tobacco Giant Philip Morris

Tennessee, Georgia colleges respond to cyberattacks as school year wraps up

New phishing-as-a-service tool “Greatness” already seen in the wild

Leak of Intel Boot Guard Keys Could Have Security Repercussions for Years

Deconstructing a Cybersecurity Event

Global Surveillance: The Secretive Swiss Dealer Enabling Israeli Spy Firms - National Security & Cyber

Justice Department Announces Court-Authorized Disruption of the Snake Malware Network Controlled by Russia's Federal Security Service

How macOS now tracks the provenance of apps

Snake: Coming soon in Mac OS X flavour – Fox-IT International blog

Microsoft May 2023 Patch Tuesday

Apple Fails to Fully Reboot iOS Simulator Copyright Case

oss-sec: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory

‘PlugwalkJoe’ pleads guilty for the massive 2020 Twitter hack - The Verge

The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services

On the trail of the Dark Avenger: the most dangerous virus writer in the world

WordPress Advanced Custom Fields Pro plugin <= 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Dump these Cisco phone adapters because it's not fixing them

MSI Breach Leaks Intel BootGuard & OEM Image Signing Keys, Compromises Security of Over 200 Devices & Major Vendors

OpenAI’s regulatory troubles are just beginning

Who Gets the Algorithm? The Bigger TikTok Danger

Can Better Training Reduce the Success Rate of Phishing Attacks?

From Campus Rape Cases to Child Abuse Reports, ‘Worst-Case’ Data Breach Rocks MN Schools

The malware threat landscape: NodeStealer, DuckTail, and more

Atomic Stealer | Threat Actor Spawns Second Variant of macOS Malware Sold on Telegram

Passkeys: What they are and how to use them

Bad Actors Are Joining the AI Revolution: Here’s What We’ve Found in the Wild

AI-Powered 'BlackMamba' Keylogging Attack Evades Modern EDR Security

SolarWinds: The Untold Story of the Boldest Supply-Chain Hack

What is a Rapid Security Response (RSR)

BouldSpy: Android Spyware Tied to Iranian Police Targets Minorities

Apple uses iOS and macOS Rapid Security Response feature for the first time

FIN7 tradecraft seen in attacks against Veeam backup servers

Investigating ChatGPT phishing detection capabilities

AI Chatbots Have Been Used to Create Dozens of News Content Farms

LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities

DOJ Detected SolarWinds Breach Months Before Public Disclosure

Magecart threat actor rolls out convincing modal forms

Hackers Leaked Minneapolis Students' Psychological Reports, Allegations of Abuse

RTM Locker Ransomware as a Service (RaaS) Now on Linux - Uptycs

Never Connect to RDP Servers Over Untrusted Networks

Mirai Botnet Attackers Exploit TP-Link Router Bug

Attackers Use Containers for Profit via TrafficStealer

Cyble — Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram

VMware Patches Critical Vulnerability Disclosed at Pwn2Own Hacking Contest

Smartphones With Popular Qualcomm Chip Secretly Share Private Information With US Chip-Maker

Meet the hacker armies on Ukraine's cyber front line

Analysis of Pre-Auth RCE in Sophos Web Appliance (CVE-2023-1671)

Software Maker 3CX Was Compromised in First-of-its-Kind Threaded Supply-Chain Hack

X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe

'RustBucket' malware targets macOS

Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack

3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible

Threat Actors Rapidly Adopt Web3 IPFS Technology

‘AuKill’ EDR killer malware abuses Process Explorer driver

Black Basta claims it's selling off stolen Capita data

in2al5d p3in4er is Almost Completely Undetectable

LockBit for Mac | How Real is the Risk of macOS Ransomware?

Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch

Summary of the Investigation Related to CVE-2023-0669

Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

QBot banker delivered through business correspondence

CVE-2023-21554: MSMQ

Analyzing an arm64 mach-O version of LockBit

Linux kernel logic allowed Spectre attack on major cloud

Google Chrome emergency update fixes first zero-day of 2023

The (Not so) Secret War on Discord

A Computer Generated Swatting Service Is Causing Havoc Across America

Espionage campaign linked to Russian intelligence services

New hacker advocacy group seeks to protect work of security researchers

Vice Society: A Tale of Victim Data Exfiltration via PowerShell, aka Stealing off the Land

Hackers claim vast access to Western Digital systems

Discord member details how documents leaked from closed chat group

Nokoyawa ransomware attacks with Windows zero-day

Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)

DEV-0196: QuaDream’s “KingsPawn” malware used to target civil society in Europe, North America, the Middle East, and Southeast Asia

Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers - The Citizen Lab

Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch

Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign

Data-leak flaw in Qualcomm, HiSilicon-based Wi-Fi AP chips

MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog

Cyble — Demystifying Money Message Ransomware

Leaked Pentagon Document Claims Russian Hacktivists Breached Canadian Gas Pipeline Company

From Discord to 4chan: The Improbable Journey of a US Intelligence Leak - bellingcat

MSI Confirms Breach as Ransomware Gang Claims Responsibility

Samsung Fab Workers Leak Confidential Data While Using ChatGPT

Cyble — New Cylance Ransomware with Power-Packed CommandLine Options

ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access

Special Report: Tesla workers shared sensitive images recorded by customer cars | Reuters

Apple fixes two zero-days exploited to hack iPhones and Macs

Stopping cybercriminals from abusing security tools

Resecurity uncovers STYX, new cybercriminal platform focused on financial fraud - Help Net Security

Mac Malware MacStealer Spreads as Fake P2E Apps

Troy Hunt: Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and "Operation Cookie Monster"

Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies

Chinese fraudsters: evading detection and monetizing stolen credit card information

Who Broke NPM?: Malicious Packages Flood Leading to Denial of Service

National Cyber Force reveals how daily cyber operations protect the UK

Winter Vivern | Uncovering a Wave of Global Espionage

Rorschach – A New Sophisticated and Fast Ransomware

3CX Desktop App Compromised (CVE-2023-29059)

Android app from China executed 0-day exploit on millions of devices | Ars Technica

Cyble — Cl0p Ransomware: Active Threat Plaguing Businesses Worldwide

Western Digital discloses network breach, My Cloud service down

New Money Message ransomware demands million dollar ransoms

Pinduoduo: One of China's most popular apps has the ability to spy on its users, say experts

Meet the FSB contractor: 0Day Technologies

Qakbot mechanizes distribution of malicious OneNote notebooks

Information on Attacks Involving 3CX Desktop App

Creal: New Stealer Targeting Cryptocurrency Users Via Phishing Sites

Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe

Spyware vendors use 0-days and n-days against popular platforms

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics

3CX VoIP Software Compromise & Supply Chain Threats

3CX Security Alert for Electron Windows App

Ironing out (the macOS details) of a Smooth Operator

3CX: Supply Chain Attack Affects Thousands of Users Worldwide

Hackers compromise 3CX desktop app in a supply chain attack

3CX users under DLL-sideloading attack: What you need to know

New OpcJacker Malware Distributed via Fake VPN Malvertising

The criminal use of ChatGPT – a cautionary tale about large language models

Guidance for investigating attacks using CVE-2023-23397

France bans all recreational apps from government devices

MacStealer: New macOS-based Stealer Malware Identified

NCA infiltrates cyber crime market with disguised DDoS sites

Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online - Microsoft Community Hub

Shining Light on Dark Power: Yet Another Ransomware Gang

OK, it’s time to freak out about AI

New victims come forward after mass-ransomware attack

Emotet resumes spam operations, switches to OneNote

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

Journalist opens USB letter bomb in newsroom

Session Cookies, Keychains, SSH Keys and More | 7 Kinds of Data Malware Steals from macOS Users

Reversing Emotet Dropping Javascript

Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace

BlackMamba ChatGPT Polymorphic Malware | A Case of Scareware or a Wake-up Call for Cyber Security?

A Fake Project Related to the Sandbox Malspam

Wave of Arrests Hits Cybercriminals

Pixel Markup vulnerability allows screenshots to be un-redacted

Google says hackers could silently own your phone until Samsung fixes its modems

Everything We Know About CVE-2023-23397

Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation

BatLoader Continues to Abuse Google Search Ads to Deliver…

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)

Ransomware Attacks Have Entered a ‘Heinous’ New Phase

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)

Ransomware Group Claims Hack of Amazon's Ring

Prometei botnet improves modules and exhibits new capabilities in recent updates

Rogue CyberSecurity Company Employee Tried To Sell Powerful, Stolen iPhone Malware For $50-Million

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers

Czech cybersecurity office labels TikTok a security threat

Ransomware gang posts video of data stolen from Minneapolis schools

Medusa ransomware gang picks up steam as it targets companies worldwide

Telehealth startup Cerebral shared millions of patients' data with advertisers

Netcat Attack Cases Targeting MS-SQL Servers (LOLBins)

SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft

Gang leaks Lehigh Valley Health Network cancer patient photos as part of data hack

New HiatusRAT router malware covertly spies on victims - Lumen

A Noteworthy Threat: How Cybercriminals are Abusing OneNote

CVE-2023-27532

Acer Breached, Hacker Selling Access to 160GB of Stolen Data

Meta’s LLaMA Leaked to the Public, Thanks To 4chan

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

Germany and Ukraine hit two high-value ransomware targets

We Found 28,000 Apps Sending Data to TikTok. A Ban Won't Help.

PyPi Packages Deliver Python Remote Access Tools

Credit Suisse breach spills info of high-net-worth clients

Biden National Cyber Strategy Seeks to Hold Software Firms Liable for Insecurity

FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy

How cybercriminals attack young gamers

BlackLotus UEFI bootkit: Myth confirmed

West ill-prepared to deal with evolving cyber threats, report concludes

Hunting for Honkbox | Multistage macOS Cryptominer May Still Be Hiding

Lumma Stealer targets YouTubers via Spear-phishing Email | by S2W | S2W BLOG | Feb, 2023 | Medium

U.S. Marshals Service hack compromises sensitive info

Danish parliament urges to remove TikTok over cybersecurity

LastPass breach update: The few additional bits of information

Canada bans TikTok on government devices

Hard-to-spot Mac crypto-mining threat, XMRig, hits Pirate Bay

PureCrypter targets government entities through Discord - Blog | Menlo Security

Stanford University discloses data breach affecting PhD applicants

Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966

TA569: SocGholish and Beyond

EXFILTRATOR-22 - An Emerging Post-Exploitation Framework

OneNote Embedded file abuse

Suspect in major data theft case linked to Dutch-subsidized cybersecurity org

A year after Russia's invasion, the scope of cyberwar in Ukraine comes into focus

Beware of macOS cryptojacking malware.

Valve bans 40,000 Dota 2 cheaters through ‘honeypot’ patch

"Fobo" Trojan distributed as ChatGPT client for Windows

The Growing Threat of ChatGPT-Based Phishing Attacks

Google Delivers Record-Breaking $12M in Bug Bounties

Activision's Data Breach Contains Employee Information, Call of Duty and More, Report

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs

Sensitive US military emails spill online

Hackers Start Selling Data Center Logins for Some of World’s Largest Corporations

The Gravediggers: How Eliminalia, a Spanish reputation management firm, buries the truth

Fog of war: how the Ukraine conflict transformed the cyber threat landscape

Magecart Attack Disguised as Google Tag Manager | Akamai

Ransomware pushes City of Oakland into state of emergency

German airport websites downed by DDoS attacks

FBI says it has 'contained' cyber incident on bureau's computer network

Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day

GoDaddy: Hackers stole source code, installed malware in multi-year breach

Hacker Uncovers How to Turn Traffic Lights Green With Flipper Zero

Microsoft February 2023 Patch Tuesday

Cisco warns of critical flaw in ClamAV antivirus

Hyundai and Kia issue software upgrades to thwart theft hack

Ethical hackers can now legally hack Belgian companies

The Israelis Destabilizing Democracy and Disrupting Elections Worldwide - National Security & Cyber - Haaretz

Ces hackers israéliens qui ont piraté les élections en Afrique

Havoc Across the Cyberspace

IoC detection experiments with ChatGPT

Bogus URL Shorteners Redirect Thousands of Hacked Sites in AdSense Fraud Campaign

New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign

Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack

Apple sued for promising privacy, failing at it

Iran marks revolution anniversary, hackers interrupt state TV coverage

Uncle Sow: Dark Caracal in Latin America

Killnet Threat to Health and Public Sectors

Investigating Intrusions From Intriguing Exploits

Xiaomi, OnePlus, Top Android Phones in China Spy on You: Study

UK cracks down on ransomware actors

HTML Smuggling: The Hidden Threat in Your Inbox

Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs

2023 Crypto Crime Trends: Illicit Cryptocurrency Volumes Reach All-Time Highs Amid Surge in Sanctions Designations and Hacking

Bitwarden password vaults targeted in Google ads phishing attack

OpenSSL fixes High Severity data-stealing bug – patch now!

Russia-linked Lockbit ransomware hacking gang threatens to publish Royal Mail data stolen in cyber attack

Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations - ASEC BLOG

Iran responsible for Charlie Hebdo attacks

Onenote Malware: Classification and Personal Notes

Detecting OneNote Abuse

No Macro? No Worries. VSTO Being Weaponized by Threat Actors

Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

Exploitation of GoAnywhere MFT zero-day vulnerability

Ransomware Roundup – Trigona Ransomware

.NET Virtualization Thrives in Malvertising Attacks

No Pineapple! –DPRK Targeting of Medical Research and Technology Sector

Following the Scent of TrickGate: 6-Year-Old Packer Used to Deploy the Most Wanted Malware

OneNote Documents Increasingly Used to Deliver Malware

Qakbot's Evolution Continues with New Strategies

HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign

Hospitals urged to tighten DDoS defenses after health data found on Killnet list

Pro-Russian DDoS attacks raise alarm in Denmark, U.S.

Google sponsored ads malvertising targets password manager

Action needed for GitHub Desktop and Atom users

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide

Analyzing and remediating a malware infested T95 TV box from Amazon

Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations

IT specialists search and recruitment on the dark web

Exploring Killnet's Social Circles

A Major App Flaw Exposed the Data of Millions of Indian Students

Chinese PlugX Malware Hidden in Your USB Devices?

An unfaithful employee leaked Yandex source code repositoriesSecurity Affairs

Cybercriminals stung as HIVE infrastructure shut down

The Titan Stealer: Notorious Telegram Malware Campaign

Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats

Apple patches are out – old iPhones get an old zero-day fix at last!

Following the LNK metadata trail

Threat groups are using Windows LNK files to gain access

Bitzlato: senior management arrested

how to completely own an airline in 3 easy steps

U.S. ‘No Fly List’ Leaks After Being Left in an Unsecured Airline Server

Hostile Takeover: Kraken Hacks Rival Darknet Market Solaris

Darth Vidar: The Dark Side of Evolving Threat Infrastructure

Risky Biz News: Crypto-crime volumes went down in 2022, ransomware payments too

New GTA Online exploit now allows cheaters to ban your account

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)

PayPal Notifies 35,000 Users of Data Breach

ManageEngine CVE-2022-47966 Technical Deep Dive

T-Mobile hacked to steal data of 37 million accounts in API data breach

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

DNS changer in malicious mobile app used by Roaming Mantis

Batloader Malware Abuses Legitimate Tools Uses Obfuscated JavaScript Files in Q4 2022 Attacks

Apple launches major security updates around the world

Mailchimp says it was hacked — again

Russian founder of a cryptocurrency exchange known for funneling ransomware profits arrested

Assessing Potential Exploitation of Sophos Firewall and CVE-2022-3236

Can you rely on macOS Ventura for malware protection?

7 Ways Threat Actors Deliver macOS Malware in the Enterprise

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Google Ads Exploited to Spread Malware

Google Ads Malware Wipes NFT Influencer's Crypto Wallet

Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”

Vice Society ransomware leaks University of Duisburg-Essen’s data

NortonLifeLock warns that hackers breached Password Manager accounts

Sustaining Digital Certificate Security - TrustCor Certificate Distrust

Compromise of employee device, credentials led to CircleCI breach

A Police App Exposed Secret Details About Raids and Suspects | WIRED

Watch: Ukraine Army Video Tells Russians How to Surrender to a Drone

Accidentally Crashing a Botnet

Pro-Russia hackers use Telegram, GitHub to attack Czech presidential election

Royal Mail ransomware attackers threaten to publish stolen data

NoName057(16) - The Pro-Russian Hacktivist Group Targeting NATO

StrongPity espionage campaign targeting Android users

Misconfigured PostgreSQL Used to Target Kubernetes Clusters

Raspberry Robin's botnet second life

The OWASSRF + TabShell exploit chain

New Paper on Old Threema Protocol

Armed With ChatGPT, Cybercriminals Build Malware And Plot Fake Girl Bots

Schools hit by cyber attack and documents leaked

Twitter leak: 200m+ account database now free to download

Slack Security Update

Cyberattack shutters the Guardian's office for a month

CircleCI warns of security breach — rotate your secrets!

Jenkins discloses dozens of zero-day bugs in multiple plugins

Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More

How do you know when macOS detects and remediates malware?

Data of over 200 million Deezer users stolen, leaks on hacking forum

New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection

Shc Linux Malware Installing CoinMiner

Ukraine Has Digitized Its Fighting Forces on a Shoestring

The Mac Malware of 2022 👾

Compromised PyTorch-nightly dependency chain between December 25th and December 30th, 2022.

U.S. targeted adversary cyber infrastructure to safeguard midterm vote

Ransomware gang gives decryptor to Toronto’s SickKids Hospital

Russian cyberattacks - Special Services - Gov.pl website

New YouTube Bot Malware Spotted Stealing User’s Sensitive Information

Pure coder offers multiple malware for sale in Darkweb forums

zhuowei/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.

Twitter in data-protection probe after '400 million' user details up for sale

ZINC weaponizing open-source software - Microsoft Security Blog

ZetaNile: Open source software trojans from North Korea

New RisePro Stealer distributed by the prominent PrivateLoader

Cost of data breaches to surpass US$5mn per incident in 2023

What’s in a PR statement: LastPass breach explained

Shlayer Malware: Continued Use of Flash Updates

Shlayer malware abusing Gatekeeper bypass on macOS

L’art de l’évasion How Shlayer hides its configuration inside Apple proprietary DMG files

Hacker claims to be selling Twitter data of 400 million users

Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins

Raspberry Robin Malware Targets Telecom, Governments

Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development - SentinelOne

An infostealer comes to town: Dissecting a highly evasive malware targeting Italy

Notice of Recent Security Incident

New Ransomware Strains Emerging from Leaked Conti’s Source Code

Meddler-in-the-Middle Phishing Attacks Explained MitM

Stolen certificates in two waves of ransomware and wiper attacks

New Kiss-a-dog Cryptojacking Campaign Targets Docker and Kubernetes

A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?

Guardian hit by serious IT incident believed to be ransomware attack

Okta's source code stolen after GitHub repositories hacked

2022: A Look Back On A Year Of Mass Exploitation

SentinelSneak: Malicious PyPI module poses as security software development kit

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

GoTrim: Go-based Botnet Actively Brute Forces WordPress Websites

Support King, banned by FTC, linked to new phone spying operation

Google ads lead to fake software pages pushing IcedID (Bokbot)

How ChatGPT can turn anyone into a ransomware and malware threat actor

Global crackdown against DDoS services shuts down most popular platforms

Microsoft-signed malicious Windows drivers used in ransomware attacks

A Custom Python Backdoor for VMWare ESXi Servers

Apple fixes 'actively exploited' zero-day security vulnerability affecting most iPhones

Mallox Ransomware showing signs of Increased Activity

Released: Citrix ADC and Citrix Gateway (security bulletin CTX474995) security update

Check Point Research analyzes files on the Dark Web and finds millions of records available

Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper - Check Point Research

Scammers Are Scamming Other Scammers Out of Millions of Dollars

Phylum Detects Ongoing Typosquat/Ransomware Campaign in PyPI and NPM

Apple announces 3 new security features

Cisco discloses high-severity IP phone zero-day with exploit code

Pilfered Keys Free App Infected by Malware Steals Keychain Data

Cryptocurrency Scam - Pig Butchering

Pulse Connect Secure: A View from the Internet

Gaming firm Razer wins lawsuit against IT vendor over data leak, awarded $8.7m in damages

Hitching a ride with Mustang Panda

New MuddyWater Threat: Old Kitten; New Tricks

Apple rolls out end-to-end encryption for iCloud backups

Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets

Leaked: The Altrnativ world of cybersurveillance

Top 10 macOS Malware Discoveries in 2022

Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities

Vice Society: Profiling a Persistent Threat to the Education Sector

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

Blowing Cobalt Strike Out of the Water With Memory Analysis

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Post-quantum cryptography: What is Emmanuel Macron talking about?

Purpose Built Proxy Services and the Malicious Activity They Enable

CVE-2022-21661: Exposing Database Info via WordPress SQL Injection

Connected medical devices are the Achilles' heel of healthcare orgs - Help Net Security

Schoolyard Bully Trojan Facebook Credential Stealer - Zimperium

Preparing for a Russian cyber offensive against Ukraine this winter

Darknet markets generate millions in revenue selling stolen personal data

The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques

Google Online Security Blog: Memory Safe Languages in Android 13

Multiple Organisations compromised by Critical Authentication Bypass Vulnerability in Fortinet Products (CVE-2022-40684)

Lastpass says hackers accessed customer data in new breach

LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling

U.S. bans sale and import of some tech from Chinese companies Huawei and ZTE

Detecting and Fingerprinting Infostealer Malware-as-a-Service platforms

Ransomware Roundup: Cryptonite Ransomware

Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US

Android SharkBot Droppers on Google Play Underline Platform's Security Needs

Why would you want to hack Electric Vehicle Charging Stations?

Researchers Explore Hacking VirusTotal to Find Stolen Credentials

Over 2 million users Affected with Browser Hijackers

Aurora: a rising stealer flying under the radar

A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup

Endurance Ransomware Claims Breach of US Federal Government

Vanuatu: Hackers strand Pacific island government for over a week

Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend

Exploit released for actively abused ProxyNotShell Exchange bug

Making Cobalt Strike harder for threat actors to abuse

Wi-Spy

Technical Analysis of the RedLine Stealer

AXLocker, Octocrypt, and Alice: Leading a new wave of Ransomware Campaigns

Michigan school districts reopen after three-day closure due to ransomware attack

A Comprehensive Look at Emotet’s Fall 2022 Return

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Firefox fixes fullscreen fakery flaw – get the update now! – Naked Security

New RapperBot Campaign – We Know What You Bruting for this Time

Google Reaches $391.5 Million Settlement With States Over Location Tracking Practices

CVE-2022-45047: Apache MINA SSHD unsafe deserialization vulnerability

BumbleBee Zeros in on Meterpreter

Apple Hit With Class Action Alleging It Tracks Users Despite Privacy Assurances

LockBit ransomware suspect nabbed in Canada, faces charges in the US

Compromising Plesk via its REST API

Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)

PNG Steganography Hides Backdoor

Massive ois[.]is Black Hat Redirect Malware Campaign

Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns

Attacking Apple's Neural Engine

Prigozhin interests and Russian information operations

Mysterious company with government ties plays key internet role

Microsoft fixes many zero-days under attack

The Case of Cloud9 Chrome Botnet

A cyberattack blocked the trains in Denmark

Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression

Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup

Inside the global hack-for-hire industry

Crime group hijacks hundreds of US news websites to push malware

Last Week on My Mac: Home truths about macOS

Department for Education warned after gambling companies benefit from learning records database

How Qatar hacked the World Cup

Apple's Poor Patching Policies Potentially Make Users' Security and Privacy Precarious

Microsoft ties Vice Society hackers to additional ransomware strains

Crimson Kingsnake: BEC Group Impersonates…

Exploiting Static Site Generators: When Static Is Not Actually Static

Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor

Malware on the Google Play store leads to harmful phishing sites

Malicious App Developer Remains on Google Play

U.S. banks processed about $1.2 billion in ransomware payments in 2021

Nothing PUNY About OpenSSL (CVE-2022-3602)

Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack

New Azov data wiper tries to frame researchers and BleepingComputer

Unmasking WindTape - Speaker Deck

How we handled a recent phishing incident that targeted Dropbox

Dormant Colors browser hijackers could be used for more nefarious tasks, report says

The Hunt for the Kingpin Behind AlphaBay, Part 1: The Shadow | WIRED

Inside TheTruthSpy, the stalkerware network spying on thousands • TechCrunch

What is ransomware-as-a-service and how is it evolving?

Incident Report: Employee and Customer Account Compromise

SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri

LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company

Pro-PRC DRAGONBRIDGE Influence Campaign Leverages New TTPs to Aggressively Target U.S. Interests, Including Midterm Elections

Stranger Strings: An exploitable flaw in SQLite

Advisory: Atlassian Jira Align Application, Version… | Bishop Fox

Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries

TommyLeaks and SchoolBoys: Two sides of the same ransomware gang

“Dormant Colors”: Live Campaign With Over 1M Data Stealing Extensions Installed

Intelligence Insights: October 2022

Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability

Operation Jackal: Interpol arrests Black Axe fraud suspects

Exploited Windows zero-day lets JavaScript files bypass security warnings

Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1

Reverse Engineering the Apple MultiPeer Connectivity Framework

How Vice Society got away with a global ransomware spree | Ars Technica

Starlink signals can be reverse-engineered to work like GPS—whether SpaceX likes it or not

Archive Sidestepping: Emotet Botnet Pushing Self-Unlocking Password-Protected RAR

From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind

Domestic Kitten campaign spying on Iranian citizens with new FurBall malware

TeamTNT Returns – or Does It?

SafeBreach Uncovers Fully Undetectable Powershell Backdoor

A New Attack Surface on MS Exchange Part 4 - ProxyRelay!

CVE-2022-42889: Keep Calm and Stop Saying "4Shell"

Cyble Phishing ERMAC Android Malware Increasingly Active

Ransom Cartel Ransomware: A Possible Connection With REvil

New “Prestige” ransomware impacts organizations in Ukraine and Poland

Microsoft Office 365 Message Encryption Insecure Mode of Operation | WithSecure™ Labs

New PHP Variant of Ducktail Infostealer Targeting Facebook Business Accounts

Software Delivery Shield protects the software supply chain

Threat Alert: Private npm Packages Disclosed via Timing Attacks

Alchimist: A new attack framework in Chinese for Mac, Linux and Windows

Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike

POLONIUM targets Israel with Creepy malware

Malicious WhatsApp mod distributed through legitimate apps

The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform

New US Executive Order unlikely to satisfy EU law

Fake Ransomware Infection Under widespread

Intel Confirms Alder Lake BIOS Source Code Leak

Software Supply Chain Attackers; Organized, Persistent, and Operating for over a Year

On Agent Compromise in the Field

Jamf Threat Labs identifies macOS Archive Utility vulnerability allowing for Gatekeeper bypass (CVE-2022-32910)

White House announces new surveillance guardrails to meet EU Privacy Shield expectations

CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy

CVE-2022-41352

Man arrested for alleged data breach SMS scam

MSSQL, meet Maggie. A novel backdoor for Microsoft SQL…

How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000

Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse

PHP Supply Chain Attack on Composer

Bumblebee: increasing its capacity and evolving its TTPs

Malicious Tor Browser spreads through YouTube

A glimpse into the shadowy realm of a Chinese APT: detailed analysis of a ShadowPad intrusion – NCC Group Research

DeftTorero TTPs in 2019–2021

Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors | Mandiant

Lazarus hackers abuse Dell driver bug using new FudModule rootkit

Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium

Ukraine warns of 'massive cyberattacks' coming from Russia on critical infrastructure sites

Mystery Hackers Are ‘Hyperjacking’ Targets for Insidious Spying

Chaos is a Go-based Swiss army knife of malware

Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server

Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East

ZINC weaponizing open-source software

Lindy Cameron at Chatham House security and defence conference 2022

BumbleBee: Round Two

NullMixer drops Redline Stealer, SmokeLoader and other malware | Securelist

Lazarus ‘Operation In(ter)ception’ Targets macOS Users Dreaming of Jobs in Crypto

Slack’s and Teams’ Lax App Security Raises Alarms

Poseidon’s Offspring: Charybdis and Scylla

In the footsteps of the Fancy Bear: PowerPoint mouse-over event abused to deliver Graphite implants

GRU: Rise of the (Telegram) MinIOns

BitBucket Server and Data Center at risk via Command Injection Vulnerability

Resolved RCE in Sophos Firewall (CVE-2022-3236)

New Malware Campaign Targets Zoom Users

2K Games' Support System Hacked

Tarfile: Exploiting the World With a 15-Year-Old Vulnerability

Noberus Ransomware: Darkside and BlackMatter Successor Continues to Evolve its Tactics

Malicious OAuth applications abuse cloud email services to spread spam

Void Balaur | The Sprawling Infrastructure of a Careless Mercenary

The Apple security landscape: Moving into the world of enterprise risk

Apple Kills Passwords in iOS 16 and macOS Ventura | WIRED

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime

Revealed: US Military Bought Mass Monitoring Tool That Includes Internet Browsing, Email Data

Los Angeles School District Hit by Ransomware Attack

Online Attack Disrupts Michigan School District for 2nd Day

LockBit ransomware builder leaked online by “angry developer”

Azure Cloud Shell Command Injection Stealing User’s Access Tokens

Threat Alert: New Malware in the Cloud By TeamTNT

Chromium Blog: Announcing the Launch of the Chrome Root Program

Six months into Breached: The legacy of RaidForums?

Revolut hack exposes data of 50,000 users, fuels new phishing wave

Credential Gathering From Third-Party Software

Malvertising on Microsoft Edge's News Feed pushes tech support scams

Ermittlungserfolg gegen Ransomware-Gruppierung

GTA 6 gameplay leaks online in 90 videos

Security update

Iran’s cyberwar goes global

Webworm: Espionage Attackers Testing and Using Older Modified RATs

RedLine spreads through ads for cheats and cracks on YouTube

Undermining Microsoft Teams Security by Mining Tokens

How Human Traffickers Force Victims Into Cyberscamming

Charming Kitten: “Can We Have A Meeting?”

Breach of software maker used to backdoor as many as 200,000 servers

New Wave of Espionage Activity Targets Asian Governments

Bumblebee Returns with New Infection Technique

Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing

Dead or Alive? An Emotet Story

The Curious Case of “Monti” Ransomware: A Real-World Doppelganger

Inside Fog Data Science, the Secretive Company Selling Mass Surveillance to Local Police

Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Government Organizations

Microsoft investigates Iranian attacks against the Albanian government

Crimeware Trends | Ransomware Developers Turn to Intermittent Encryption to Evade Detection

Conti vs. Monti: A Reinvention or Just a Simple Rebranding?

PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin

MagicRAT: Lazarus’ latest gateway into victim networks

Shikitega - New stealthy malware targeting Linux

Mirai Variant MooBot Targeting D-Link Devices

QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign

SafeBreach Uncovers New Remote Access Trojan (RAT)

Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users

Sharkbot is back in Google Play

Hackers Create Traffic Jam in Moscow by Ordering Dozens of Taxis at Once Through App

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks

Tech tool offers police ‘mass surveillance on a budget’

Researchers found one-click exploits in Discord and Teams

Traffers: a deep dive into the information stealer ecosystem

FTC says data broker sold consumers’ precise geolocation, including presence at sensitive healthcare facilities

EU and Greece veer toward standoff over wiretapping scandal – POLITICO

Kimsuky’s GoldDragon cluster and its C2 operations | Securelist

Revealing Europe's NSO

An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware

Linux Kernel Exploit (CVE-2022-32250) with mqueue

Roasting 0ktapus: The phishing campaign going after Okta identity credentials

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks - Microsoft Security Blog

MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone

Legitimate SaaS Platforms Being Used to Host Phishing Attacks

XCSSET Malware Update | macOS Threat Actors Prepare for Life Without Python

Vulnerability in Linux containers – investigation and mitigation

THREAT ANALYSIS REPORT: Bumblebee Loader – The High Road to Enterprise Domain Control

Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads

Lloyd’s to Exclude Catastrophic Nation-Backed Cyberattacks From Insurance Coverage

CVE-2022-27925

Google And Cloudflare Are Changing The Trust Infrastructure of the Internet: A Long Goodbye to RSA and a Hello to ECC and ECDSA

New macOS malware 'CloudMensis' detected and prevented

Overview of the Cyber Weapons Used in the Ukraine

Reservations Requested: TA558 Targets Hospitality and Travel

Making Sense of the Killnet, Russia’s Favorite Hacktivists

Disrupting SEABORGIUM’s ongoing phishing operations

Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies | WeLiveSecurity

North Korean hackers use signed macOS malware to target IT job seekers

An inside view of domain anonymization as-a-service

The Return of LOIC, HOIC, HULK, and Slowloris to the Threat Landscape

DigitalOcean says customer email addresses were exposed after latest Mailchimp breach – TechCrunch

Impact to DigitalOcean customers resulting from Mailchimp security incident

Ransomware Now Threatens the Global South

Zoom’s latest update on Mac includes a fix for a dangerous security flaw

NHS IT supplier held to ransom by hackers

Cisco confirms May attack by Yanluowang ransomware group

Phishers who breached Twilio and targeted Cloudflare could easily get you, too

Hands-on with Lockdown Mode in iOS 16

You're M̶u̶t̶e̶d̶ Rooted

Palo Alto bug used for DDoS attacks and there's no fix yet

The Hacking of Starlink Terminals Has Begun

CISA warns of Windows and UnRAR flaws exploited in the wild

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

So RapperBot, What Ya Bruting For?

Greek intelligence service admits spying on journalist

Last Week on My Mac: Is your Mac still secure from malware?

Woody RAT: A new feature-rich malware spotted in the wild

A Detailed Analysis of the RedLine Stealer

Manjusaka: A Chinese sibling of Sliver and Cobalt Strike

Large-Scale AiTM Attack targeting enterprise users of Microsoft email services

Raccoon Stealer v2: The Latest Generation of the Raccoon Family

Investigation report about the abuse of the Mac Appstore | by Privacy1St

A Cyberattack Illuminates the Shaky State of Student Privacy

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us

Microsoft links Raspberry Robin malware to Evil Corp attacks

IPFS: The New Hotbed of Phishing

SEKOIA.IO Mid-2022 Ransomware Threat Landscape

LockBit Implements New Technique by Leaking Victim Negotiations

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

Justice Department seizes $500K from North Korean hackers who targeted US medical organizations

8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts

Kaspersky report on Luna and Black Basta ransomware

Exclusive: U.S. probes China's Huawei over equipment near missile silos

[CVE-2022-34918] A crack in the Linux firewall

Google ads lead to major malvertising campaign

Russia Released a Ukrainian App for Hacking Russia That Was Actually Malware

China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors

I see what you did there: A look at the CloudMensis macOS spyware

Pegasus used to spy on protesters, a popular actress, and dozens more in Thailand, report shows

Busting browser fails: What attackers see when they hack your employees’ browser

Joker, Facestealer and Coper banking malwares on Google Play store

How I Hacked my Car Guides: Creating Custom Firmware

North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware

Did You Know Your Browser’s Autofill Credentials Could Be Stolen via Cross-Site Scripting (XSS)

Google Play hides app permissions in favor of developer-written descriptions

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

Ongoing phishing campaign can hack you even when you’re protected with MFA

European Central Bank head targeted in hacking attempt

Vice Society: a discreet but steady double extortion ransomware group

The US military wants to understand the most important software on Earth

A New Attack Can Unmask Anonymous Users on Any Major Browser

Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog

Europe’s PegasusGate: Countering spyware abuse

Verified Twitter accounts phished via hate speech warnings

Predatory Sparrow: Who are the hackers who say they started a fire in Iran?

THREAT ALERT: Raspberry Robin Worm Abuses Windows Installer and QNAP Devices

'I can fight with a keyboard': How one Ukrainian IT specialist exposed a notorious Russian ransomware gang

Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents

Google Let Sberbank-Owned RuTarget Harvest User Data for Months

This Is the Code the FBI Used to Wiretap the World

Cybersecurity experts question Microsoft's Ukraine report

After invasion of Ukraine, a reckoning on Russian influence in Austria

China Police Database Was Left Open Online for Over a Year, Enabling Leak

How a fake job offer took down the world’s most popular crypto game

Why the Equation Group (EQGRP) is NOT the NSA | xorl %eax, %eax

Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine

Dutch university wins big after Bitcoin ransom returned

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

Ransomware review: June 2022

Mandiant Finds Possible Link Between Kremlin, Pro-Russian ‘Hacktivists’

Flubot: the evolution of a notorious Android Banking Malware

The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact

ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks

Facing reality? Law enforcement and the challenge of deepfakes

FBI warns hackers are using deepfakes to apply for jobs

Unrar Path Traversal Vulnerability affects Zimbra Mail

Conti vs. LockBit: A Comparative Analysis of Ransomware Groups

LockBit 3.0 introduces the first ransomware bug bounty program

The Untold Story of NotPetya, the Most Devastating Cyberattack in History

Python packages upload your AWS keys, env vars, secrets to the web

The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

From NtObjectManager to PetitPotam

Conti ransomware finally shuts down data leak, negotiation sites

NSA, Partners Recommend Properly Configuring, Monitoring PowerShell in New Report

7-zip now supports Windows ‘Mark-of-the-Web’ security feature

Raspberry Robin gets the worm early

The forgotten SUAVEEYEFUL FreeBSD software implant of the EQUATION GROUP

The curious tale of a fake Carrier.app

Spyware vendor targets users in Italy and Kazakhstan

APT ToddyCat

Defending Ukraine: Early Lessons from the Cyber War

Microsoft Plans to Eliminate Face Analysis Tools in Push for ‘Responsible A.I.’

How Russia’s vaunted cyber capabilities were frustrated in Ukraine

Council conclusions on a Framework for a coordinated EU response to hybrid campaigns

Nothing Has Changed: Website Retailers Selling Domains Meant for Illicit Goods and Services, Digital Citizens Alliance Investigation Finds

The Cybersecurity 202: Internet domain names are ripe for scam during coronavirus crisis

FBI says fraud on LinkedIn a 'significant threat' to platform and consumers

Russia's APT28 uses fear of nuclear war to spread Follina docs in Ukraine

Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack

BRATA is evolving into an Advanced Persistent Threat

What It Means that the U.S. Is Conducting Offensive Cyber Operations Against Russia

Last Week on My Mac: Introducing XProtect Remediator, successor to MRT – The Eclectic Light Company

Analysis of dark web posts selling access to corporate networks

Telerik UI exploitation leads to cryptominer, Cobalt Strike infections

Police Linked to Hacking Campaign to Frame Indian Activists

Zimbra Email - Stealing Clear-Text Credentials via Memcache injection

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys

Linux Threat Hunting: 'Syslogk' a kernel rootkit found under development in the wild

Vulnerability discovered in Apple M1 chip

SeaFlower 藏海花 A backdoor targeting iOS web3 wallets

Lyceum .NET DNS Backdoor

ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat

Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat

EXCLUSIVE: U.S. Government Ordered Travel Companies To Spy On Russian Hacker For Years And Report His Whereabouts Every Week

Microsoft Diagnostic Tool "DogWalk" Package Path Traversal Gets Free Micropatches (0day/WontFix)

DOJ, FBI shut down marketplace for stolen Social Security numbers - The Record by Recorded Future

Russian Cyberattack Hits Wales-Ukraine Football Broadcast

SVCReady: A New Loader Gets Ready

Liveness tests used by banks to verify ID are ‘extremely vulnerable’ to deepfake attacks

Smartphones Blur the Line Between Civilian and Combatant

TrustPid is another worrying, imperfect attempt to replace tracking cookies

Horde Webmail - Remote Code Execution via Email

Analysis and Attribution of the Eternity Ransomware: Timeline and Emergence of the Eternity Group

Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data

Deadly secret: Electronic warfare shapes Russia-Ukraine war

Zero-Day Exploitation of Atlassian Confluence

Apple has pushed a silent Mac update to remove hidden Zoom web server

US military hackers conducting offensive operations in support of Ukraine, says head of Cyber Command

Android FluBot enters Switzerland – SWITCH Security-Blog

Takedown of SMS-based FluBot spyware infecting Android phones

XLoader Botnet: Find Me If You Can

ICO fines facial recognition database company Clearview AI Inc more than £7.5m and orders UK data to be deleted

Fronton: A Botnet for Creation, Command, and Control of Coordinated Inauthentic Behavior

Gimmick MacOS Malware Spreads Through Customized Files, Enables MacOS CodeSign Bypass - CloudSEK

New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices

Large-scale Analysis of DNS-based Tracking Evasion - broad data leaks included?

Exclusive: Russian hackers are linked to new Brexit leak website, Google says

Anonymous Declares Cyber War Against Pro-Russia Hacker Group Killnet

PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables

Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices - Microsoft Security Blog

Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware

Protecting Android users from 0-Day attacks

The IO Offensive: Information Operations Surrounding the Russian Invasion of Ukraine

Canada bans Huawei and ZTE from 5G networks over security concerns

Fears grow for smaller nations after ransomware attack on Costa Rica escalates

President Rodrigo Chaves says Costa Rica is at war with Conti hackers

Exploiting an Unbounded memcpy in Parallels Desktop

KillNet: Pro-Russian Hacktivists.

Killnet Cyber Attacks Against Italy and NATO Countries

New 'Smart' Cheese Rinds Help Fight Parmesan Fraud

Data Marketplace Selling Info About Who Uses Period Tracking Apps

Critical Privilege Escalation Vulnerability in Jupiter and JupiterX Premium Themes

Researchers devise iPhone malware that runs even when device is turned off

Multi-factor Authentication to Generate $27 Billion Globally for Mobile Operators in 2022, Juniper Research Study Finds

Web ad firms scrape email addresses before you know it

US links Thanos and Jigsaw ransomware to 55-year-old doctor

A closer look at Eternity Malware

EU lands new law to fight off hackers in critical sectors

The Linux Foundation and Open Source Software Security Foundation (OpenSSF) Gather Industry and Government Leaders for Open Source Software Security Summit II

Known macOS Vulnerabilities Led Researcher to Root Out New Flaws

Russia hacked an American satellite company one hour before the Ukraine invasion

npm Supply Chain Attack Targeting Germany-Based Companies

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

Costa Rica declares national emergency after Conti ransomware attacks

Dissecting Saintstealer

Russian TVs, search engines hacked on Victory Day with antiwar message

Apple, Google, and Microsoft commit to expanded support for FIDO standard

Vulnerability Analysis - CVE-2022-1388

From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win

MacOS Two-machine Kernel Debugging

Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation

Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins

How Data Brokers Sell Access to the Backbone of the Internet

Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk

UNC3524: Eye Spy on Your Email

Google Online Security Blog: The Package Analysis Project: Scalable detection of malicious open source packages

Spanish prime minister’s phone ‘targeted with Pegasus spyware’

Russia’s cyber warfare against Ukraine more nuanced than expected

Russian troops in Melitopol plunder $5M farm vehicles from Ukraine -- to find they've been remotely disabled

How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities

OverWatch Insights: Reviewing a New Intrusion Targeting Mac Systems

What does APT Activity Look Like on MacOS?

Jamf Threat Labs identifies Safari vulnerability (CVE-2022-22616) allowing for Gatekeeper bypass

Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

Kaspersky DDoS report, Q1 2022

Zero Tolerance: More Zero-Days Exploited in 2021 Than Ever Before

LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

CVE-2022-21449: Psychic Signatures in Java

The More You Know, The More You Know You Don’t Know

Pegasus spyware found on 5 French cabinet members' phones

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

Increased Enterprise Use of iOS, Mac Means More Malware

Researcher uses 379-year-old algorithm to crack crypto keys found in the wild

Microsoft Zero-Days, Wormable Bugs Spark Concern

Russia’s Sandworm hackers attempted a third blackout in Ukraine

RaidForums hacking forum seized by police, owner arrested

Git security vulnerability announced

The U.S. is using declassified intel to fight an info war with Russia, even when the intel isn't rock solid

Industroyer2: Industroyer reloaded

CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware

Police Records Show Women Are Being Stalked With Apple AirTags Across the Country

FBI Disrupts Cyclops Blink Botnet Used by Russian Intelligence Directorate

DoS attacks hit Finnish websites during Zelenskyy address • The Register

AcidRain | A Modem Wiper Rains Down on Europe

U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks - The New York Times

Chinese hackers abuse VLC Media Player to launch malware loader

MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639

Hackers breach MailChimp's internal tools to target crypto customers

Explaining Spring4Shell: The Internet security disaster that wasn’t

Lapsus$: Two UK teenagers charged with hacking for gang

Apple releases macOS 12.3.1, iOS 15.4.1, watchOS 8.5.1 and more - The Mac Security Blog

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

QNAP warns severe OpenSSL bug affects most of its NAS devices

Putin's hackers gained full access to Hungary's foreign ministry networks, the Orbán government has been unable to stop them

Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests

Lapsus$ and SolarWinds hackers both use the same old trick to bypass MFA

New Lapsus$ Hack Documents Make Okta’s Response Look More Bizarre

Sophos patches critical remote code execution vulnerability in Firewall

When Nokia Pulled Out of Russia, a Vast Surveillance System Remained

Fake sites stealing Steam credentials

Chrome Releases: Stable Channel Update for Desktop

Behold, a password phishing site that can trick even savvy users

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal

Storm Cloud on the Horizon: GIMMICK Malware Strikes at macOS

Lapsus$: when kiddies play in the big league

Updated Okta Statement on LAPSUS$

DEV-0537 criminal actor targeting organizations for data exfiltration and destruction

Anonymous Takes Anti-Putin Battle To Russian People With Printer Attack To Disrupt Kremlin's Propaganda

Lapsus$ hackers leak 37GB of Microsoft's alleged source code

Activists are targeting Russians with open-source "protestware"

Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers

Gas Is Too Expensive; Let’s Make It Cheap!

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars Technica

PROPHET SPIDER Exploits Citrix ShareFile

Raccoon Stealer: “Trash panda” abuses Telegram

Cyber Security Incident Pushes Ubisoft to Issue Internal Password Reset

Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say | Reuters

Armis Finds Three Critical Zero-Day Vulnerabilities in APC Smart-UPS Devices, Dubbed "TLStorm," Exposing More than 20 Million Enterprise Devices

EU and UK launch antitrust investigation into Google and Meta’s adtech dealings - The Verge

Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups

New method that amplifies DDoSes by 4 billion-fold. What could go wrong?

Belarus conducted widespread phishing campaigns against Ukraine, Poland, Google says

An update on the threat landscape

Samsung confirms hackers stole Galaxy devices source code

Hackers leak 190GB of alleged Samsung data, source code

Cybercriminals who breached Nvidia issue one of the most unusual demands ever

Malware now using stolen NVIDIA code signing certificates

Crypto Bug in Samsung Galaxy Devices: Breaking Trusted Execution Environments (TEEs)

Scam E-Mail Impersonating Red CrossScam E-Mail Impersonating Red Cross

Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement

Cyber Realism in a Time of War

Phishing attacks target countries aiding Ukrainian refugees

Toyota suspends domestic factory operations after suspected cyber attack

Ukrainian cyber resistance group targets Russian power grid, railways

Nvidia Confirms Company Data Was Stolen in Hack

IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine

Ukrainian Researcher Leaks Conti Ransomware Gang Data

The Next Web

Crypto Donations to Ukraine Jumps to $20M

Chinese Cybersecurity Company Doxes Apparent NSA Hacking Operation

2022 Russia-Ukraine war — Cyber group tracker

Twitter and Facebook restricted in Russia amid conflict with Ukraine

Facebook, Twitter remove disinformation accounts targeting Ukrainians

Ukraine border control hit with wiper cyberattack, slowing refugee crossing

Anonymous: the hacker collective that has declared cyberwar on Russia | Ukraine

Nvidia allegedly hacked its hackers, stole its data back

Ukraine takes the resistance to cyberspace, assembling an “IT army” to hack sites from Russia and its allies, calls on tech leaders to get involved

Anonymous hacktivists, ransomware groups get involved in Ukraine-Russia conflict

US microchip powerhouse Nvidia hit by cyber attack

Conti ransomware group announces support of Russia, threatens retaliatory attacks

TrickBot malware operation shuts down, devs move to BazarBackdoor

Ukraine links phishing targeting military to Belarusian hackers

Aquarium Leaks. Inside the GRU’s Psychological Warfare Program

Ukraine: Disk-wiping Attacks Precede Russian Invasion

EXCLUSIVE Ukraine calls on hacker underground to defend against Russia

HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine

New data-wiping malware used in destructive attacks on Ukraine

The Bvp47 - a Top-tier Backdoor of US NSA Equation Group

Find You: Building a stealth AirTag clone | Positive Security

Chinese cyber-attackers 'targeted Taiwanese financial firms'

Horde Webmail 5.2.22 - Account Takeover via Email

Behind the stalkerware network spilling the private phone data of hundreds of thousands

The US is unmasking Russian hackers faster than ever

Pegasus spyware scandal uncovered by fake image file on an iPhone

Who Is Behind QAnon? Linguistic Detectives Find Fingerprints

Cyberattack targets Vodafone Portugal, disrupts services

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

Kazakhstan's Internet Shutdowns Could Be a Warning for Ukraine

VMware Horizon servers are under active exploit by Iranian state hackers

The Elite Hackers of the FSB

Twitter cans 2FA service provider over surveillance claims

Red Cross traces hack back to unpatched Zoho vulnerability

Merck’s $1.4 Billion Insurance Win Splits Cyber From ‘Act of War’

Chrome Zero-Day Under Active Attack: Patch ASAP | Threatpost

New Emotet Infection Method

Russian hackers have obtained sensitive defense information technology by targeting US contractors, according to CISA

Meta to Pay $90 Million to Settle Facebook Data Privacy Lawsuit

Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars Technica

Cyberattack takes Ukraine military, bank websites offline

Apple's AirTag uncovers a secret German intelligence agency

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

Linux-Targeted Malware Increases by 35% in 2021

EDPS Preliminary Remarks on Modern Spyware

KlaySwap crypto users lose funds after BGP hijack

Twitter Tells U.S. Senator It’s Cutting Ties to Swiss Tech Firm

Charting TA2541's Flight

Dropping Files on a Domain Controller Using CVE-2021-43893

Objective-See's Blog

Analyzing a watering hole campaign using macOS exploits

Watering hole deploys new macOS malware, DazzleSpy, in Asia

Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica

New SysJoker Backdoor Targets Windows, Linux, and macOS

SysJoker analyzing the first (macOS) malware of 2022!

Google Docs Comment Exploit Allows for Distribution of Phishing and Malware

Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk

iPhone flaw exploited by second Israeli spy firm-sources

Israelis didn’t care about NSO and Pegasus – until this scandal

Critical Vulnerabilities in PHP Everywhere Allow Remote Code Execution

Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review

ModifiedElephant APT and a Decade of Fabricating Evidence

North Korea Hacked Him. So He Took Down Its Internet

I Used Apple AirTags, Tiles and a GPS Tracker to Watch My Husband’s Every Move - The New York Times

Emsisoft Decryptor for Maze / Sekhmet / Egregor - Emsisoft: Free Ransomware Decryption Tools

[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code

Decryptor released for Maze, Egregor, and Sekhmet ransomware strains | ZDNet

Exposed documents reveal how the powerful clean up their digital past using a reputation laundering firm

Why is the Zoom app listening on my microphone...

Who Needs to Exploit Vulnerabilities When You Have Macros?

Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra

PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)

Helping users stay safe: Blocking internet macros by default in Office

A walk through Project Zero metrics