Buhti Ransomware Gang Exploits Leaked Encryptors to Target Windows and Linux Systems *

Researchers Uncover Predator Android Spyware’s New Data Theft Capabilities *

Critical Vulnerability in Google Cloud's Cloud SQL Service Exposes Confidential Data *

D-Link Fixes Critical Vulnerabilities in its D-View 8.0 Network Device Management Platform *

New Russian-linked Malware 'COSMICENERGY' Targets Industrial Systems *

Threat Actors Found Using Encrypted RPMSG Messages in Microsoft 365 Phishing Attacks *

Barracuda Networks Patches Zero-Day Vulnerability in its Email Security Gateway Appliance *

Zyxel Patches Critical Flaws in its Firewall and VPN Products *

Researchers Uncover New Version of Legion Malware Targeting SSH Servers and AWS Credentials *

Lazarus Group Targets Microsoft IIS Servers to Deploy Malware *

Microsoft Exchange Servers Infected with the New PowerExchange Malware *

GitLab Issues an Emergency Update to Address a Critical Path Traversal Vulnerability *

Hackers Attack 1.5 million WordPress Sites by Leveraging a Cookie Consent Plugin Vulnerability *

Researchers Discover North Korean Kimsuky Group Leveraging Sophisticated Reconnaissance Toolkit *

Asian Government Entities Targeted by Newly Discovered APT Group, GoldenJackal *

Rheinmetall, German Arm Manufacturer, Falls Victim to BlackBasta Ransomware Attack *

Newly Discovered AhRat Malware Disguised in Screen Recording App on Google Play Store *

Newly Discovered Windows Kernel Driver Used by Iranian Hackers to Target Middle East Entities *

'Crypto Phishing Service 'Inferno Drainer' Steals $5.9 Million from Victims *

Microsoft 365 Suffers New Outage Causing Connectivity Issues *

Threat Actor 'GUI-vil' Exploiting AWS EC2 Instance for Crypto-mining Operations *

BlackCat Ransomware Group Employing Malicious Windows Kernel Drivers to Evade Detection *

Hackers Could Chain Two Flaws to Achieve Code Execution in Pimcore *

New Attack Method 'BrutePrint' Found Brute-Forcing Fingerprints on Android Devices *

Threat Actors Use Fake CapCut Websites to Distribute Malware *

Threat Actors Hide TurkoRAT Malware in npm Packages *

Infamous Cyber Group FIN7 is Back With Cl0p Ransomware *

Hackers Employ SIM Swapping to Target Microsoft Azure Machines *

Dish Network Likely Paid Ransom Following the Recent Ransomware Attack *

Luxottica Discloses a Data Breach; 70M Users Info Leaked *

A Faulty Security Update Taken Down ASUS Routers Globally *

CISA Issues a Warning on a Samsung ASLR Bypass Flaw *

Cryptojacking Group Exploits Oracle WebLogic Server for Cryptocurrency Mining *

'Lemon Group' Hacks Millions of Android Devices, Installing Guerilla *

New Vulnerability Discovered in KeePass Exposing Cleartext Master Password *

Retaliatory Cyberattack: Indian Hackers Target Pakistani Embassy Websites Following DDoS Attack on Indian State Police *

Apple Addresses Three New Zero-day Vulnerabilities with Patch Releases *

MalasLocker Ransomware Targets Zimbra Servers, Demands Charitable Donations *

Houthi-Linked Cyber Threat Group OilAlpha Targets Android Users in the Arabian Peninsula *

Unpatched Vulnerability Found in Belkin Wemo Smart Plugs by Researchers *

Malicious Visual Studio Extensions Discovered on Microsoft's VSCode Marketplace by Researchers *

Cisco Addresses Four Critical RCE Flaws in It's Smart Switches *

Chinese Hacking Group "Camaro Dragon" Exploits TP-Link Routers to Target European Organizations *

Hackers Exploit Geacon, a Cobalt Strike Port, to Target macOS Users *

Multiple Flaws Discovered in Kiddoware's Android Application 'Parental Control - Kids Place' *

Hackers Targeting Microsoft Azure Admin Account for Stealthy Access to VMs *

K D Hospital, a Multi-Specialty Healthcare Facility, Falls Victim to Ransomware Attack *

Researchers Found Vulnerabilities in Sierra Wireless, Teltonika Networks, and InHand Networks' Routers *

New APT Group, Lancefly Employs 'Merdoor' Backdoor *

PharMerica Suffers a Data Breach; Over 5.8 Million Patients Impacted *

New Ransomware-as-a-Service Operation, MichaelKors Targets Linux and VMware ESXi Systems *

Threat Actors Target Poorly Managed Microsoft SQL Servers Using CLR SqlShell Malware *

New Ransomware Operation, RA Group Targets US and South Korean Companies *

Rockwell Automation Fixed Multiple Vulnerabilities Present in its Products *

Threat Actors Found Exploiting Recently Fixed WordPress Plugin Vulnerability *

U.S. Transportation Department Suffers Data Breach; 237,000 Employees Impacted *

Greatness, New Phishing-as-a-Service Platform helps Cybercriminals to Generate Convincing Phishing Pages *

Researchers Uncovered a Vulnerability in Ferrari Website, Exposing Sensitive Information *

Researchers Found Multiple Vulnerabilities in Netgear's NightHawk Routers *

Toyota Disclosed Data Breach Exposing Car Location Data of 2 Million Customers for a Decade *

Attackers Exploiting Follina Vulnerability to Distribute XWorm Malware *

Discord Disclosed Data Breach After its Support Agent's Account got Compromised *

FBI and CISA Warns Bl00dy Ransomware Targets Education Sector via PaperCut RCE Flaw *

New APT Group Red Stinger Targeting East Europe's Critical Infrastructures *

Researchers Uncover Stealthier Version of Linux BPFDoor Malware *

ABB, a Swiss Automation Company Struck by the Black Basta Ransomware *

Ransomware Gangs Targeting VMWare ESXi Servers with Leaked Babuk Ransomware Source Code *

Researchers Found Critical Privilege Escalation Vulnerability in Elementor Plugins *

North Korean Hackers Breach South Korea's Seoul National University; KNPA Issues Warning *

Researcher Found New Variant of RapperBot Malware with Cryptojacking Capabilities *

Threat Actors Employ DownEx Malware to Target Government Organizations in Central Asia *

Threat Actors Deploying Aurora Stealer Via Popunder Ads *

Researchers Disclose Info on Zero-Click Windows Vulnerability Enabling NTLM Credential Theft *

New DDoS Botnet Malware AndoryuBot Exploits Critical Ruckus RCE Vulnerability *

SideWinder APT Group Deploys Server-Based Polymorphism Technique in Attacks on Pakistani Government Organizations *

Sysco, a Global Food Chain, Faces Data Breach Impacting Customer and Employee Information *

Critical Linux Kernel Netfilter Vulnerability Enables Root Privilege Escalation *

Microsoft Releases Optional Fix Guidelines for Secure Boot Zero-Day Vulnerability *

Adobe Releases Patch for 14 Vulnerabilities in Substance 3D Painter Software *

Microsoft Patch Tuesday Security Advisory - May 2023 *

Healthcare Solution Provider 'NextGen' Suffers Data Breach Impacting 1 Million Customers *

After MSI Breach, Intel Investigates Intel Boot Guard Private Keys Leak *

FBI Seizes 13 Domains Linked to DDoS-For-Hire Services *

Critical Vulnerability in Siemens Industrial Control Systems Could Disrupt Power Grid *

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine *

Researchers Found SideCopy Group's Phishing Campaign with Indian Military Themed Lures *

Researchers Uncover New Ransomware Operation Dubbed 'Cactus' *

New Ransomware 'Akira' Targets Enterprise Networks *

Vulnerability in OpenAI's Account Validation Process Allows Unlimited Credits *

A Security Incident Exposed Private Tweets of Twitter Circle *

Fortinet Releases Patches for High-Severity Vulnerabilities in FortiADC and FortiOS *

New PaperCut RCE Exploit Bypasses Existing Detections *

Dragon Breath APT Group Targets Gambling Industry Using Double-Clean-App Technique *

Hackers Employ New Web-Inject Toolkit DrIBAN to Target Italian Banking Clients *

Threat Actors Hack Packagist Repository; Dozen PHP Packages Compromised *

New Android FluHorse Malware Targets Users with Malicious Apps *

Updates for Android Fixes a Kernel Flaw used in Spyware Attacks *

ALPHV Gang Breaches Constellation Software in a Ransomware Attack *

Two WordPress Custom Field Plugins Exposes Over 1M Sites to XSS Attacks *

Cisco Disclosed New RCE Vulnerability in Cisco SPA112-Port Phone Adapters *

Meta Thwarts a Malware Campaign that Used ChatGPT to Steal Accounts *

ALPHV Ransomware Added McDermott International to its Victim List *

Researchers Found New Android Subscription Malware 'Fleckpe' on Google Play *

Three New Vulnerabilities Found in Microsoft Azure API Management Service *

City of Dallas Suffers Royal Ransomware Attack Resulting in Shutdown of its IT Systems *

Russian Hacking Group 'Sandworm' Utilizes WInRAR to Erase Ukrainian Government's Data *

New Info-stealing Malware 'NodeStealer' Steal Cookies to Hijack Facebook Accounts *

Dragon Breath Group Employs New Double DLL Sideloading Technique to Evade Detection *

A Data Breach at Brightline Affects 783,000 Pediatric Mental Health Patients *

Hackers Exploit Authentication Bypass Vulnerability and RCE Vulnerability in DVR Devices *

Iranian Government's BouldSpy Android Spyware Found Targeting Minority Groups *

Researchers Uncover Three New Flaws in FRRouting Software *

Cryptocurrency Exchange Platform Level Finance Hacked, Resulting in Loss of 214k LVL Tokens *

CISA Added TP-Link, Apache, and Oracle Vulnerabilities to its Known Exploited Vulnerabilities Catalog *

Servers Running Salesforce Software Are Leaking Sensitive Data *

Researchers Found Threat Actors Distributing New LOBSHOT Malware via Google Ads *

Vietnamese Threat Actor Employs Malverposting Tactics to Infect 500,000 Devices *

Hackers Target AT&T Email Accounts to Steal Cryptocurrency *

Russian Hackers Target Ukrainian Government with Phishing Emails *

Sharpboys Breach Israeli Prime Minister Benjamin Netanyahu's Facebook Account *

Americold, A Leading Cold Storage Company Suffered Outage Followed by Network Breach *

Hackers Found Targeting Vulnerable Veeam Backup Servers Exposed on the Internet *

Zyxel Addresses Critical Vulnerabilities in its Firewall Devices *

Hackers Use Realistic Checkout Forms to Steal Credit Cards *

CISA Issued a Warning about Critical Vulnerabilities in Illumina's DNA Sequencing Systems *

Researchers Found New Variant of ViperSoftX Info-Stealing Malware with Broader Range of Targets *

New macOS Info-stealing Malware 'Atomic' is being Sold Via Private Telegram Channel *

Multiple Malicious Gaming Apps Found Distributing Adware on Google Play *

Russian Hacking Group Found Operating New Politically Motivated Surveillance Campaign Paperbug in Tajikistan *

Researchers Found RTM Ransomware Group Using New Linux Encryptor to Target VMware ESXi Servers *

Researchers Found Chinese Hacking Group Gallium Using New Linux Malware Strains in Cyberespionage *

PrestaShop Releases New Version to Fix a Critical SQL Filtering Vulnerability *

Apache Superset Servers are Vulnerable to Authentication Bypass and RCE Attacks *

Cisco Discloses New Zero-Day Vulnerability in its Prime Collaboration Deployment (PCD) Software *

Evasive Panda Hacking Group Targets Tencent QQ Messaging App with MgBot Malware *

Researchers Found New Version of Mirai Botnet Malware Exploiting a Vulnerability in TP-Link WiFi Routers *

VMware Released Patches for Critical Vulnerabilities Discovered in its Workstation and Fusion Software Hypervisors *

New Critical SLP Vulnerability Allows Massive 2200X DDoS Amplification Attack *

Iranian Hackers Targeting Israel with a PowerLess Backdoor Via Phishing Attacks *

APC Addresses Critical Vulnerabilities in its Easy UPS Online Monitoring Software *

Canadian Directory Publisher Yellow Pages Suffers a Cyberattack Resulting in Data Leak *

Researchers Found New Side Channel Attack Affecting Multiple Generations of Intel CPUs *

Attackers Hacked KuCoin’s Twitter Account to Promote Crypto Scam *

Microsoft 365 Search Outage Impacts Outlook, Teams, and Exchange Online *

Hackers can Abuse Improperly Wiped Corporate-grade Routers to Gain Sensitive Data *

CISA Adds Three More Security Flaws to its Known Exploited Vulnerabilities Catalog *

Researchers Found a New Malware Toolkit Dubbed Decoy Dog via Anomalous DNS Traffic *

In Both Europe and the US, EvilExtractor Seen an Uptick in Malware Activity *

Alongside 3CX Breach, Lazarus X_TRADER Hack Affects Critical Infrastructure *

Google Ads Support Ransomware Gangs to Employ the BumbleBee Malware *

MediaWiki and TWiki-based University Websites Compromised to Spread Fortnite Spam *

GhostToken Flaw Enable Attackers to Hide Malicious Apps in Google Cloud Platform *

American Bar Association Suffers Data Breach, Affecting 1.4 Million Members *

Kubernetes RBAC Exploited in a Large-scale Cryptocurrency Mining Campaign *

African Telecommunication Service Providers are Targeted by Daggerfly Threat Group *

Attackers Abuses Abandoned 'Eval PHP' WordPress Plugin to Compromise Websites *

Lazarus Threat Group Found Using Linux Malware in Fake Job Campaigns *

Two Critical Vulnerabilities Found In Alibaba Cloud's ApsaraDB RDS and AnlayticDB for PostgreSQL *

VMware Addresses Critical Arbitrary Code Vulnerability in its Aria Operations for Logs *

Threat Actors Using AuKill Hacking Tool to Disable EDR Software on Targeted Systems *

PaperCut Warns of Critical Vulnerabilities that are Actively Exploited in the Wild *

Blind Eagle Threat Group's New Multi-Stage Attack Pushes NjRAT Trojan on Compromised Systems *

Researchers Found Attackers Deploying Trigona Ransomware on Unsecured Microsoft SQL Servers *

Pakistani Hackers Transparent Tribe Target Indian Government Agencies Using Linux Malware Poseidon *

Google Addressed Another Zero-Day Vulnerability in Chrome Browser *

Vice Society Ransomware Gang Leaks Data Stolen from US Network Infrastructure Giant CommScope *

Iranian Hackers Leveraging Legitimate Simplehelp Remote Support Software to Carry Out Persistent Attacks *

CISA, FBI Alerts on Russian State-Sponsored APT28 Threat Group Targeting Cisco Routers *

Iranian Hacking Group 'Mint Sandstorm' Targets US Critical Infrastructure in Retaliation to Iranian Attacks *

CISA Adds macOS and Chrome Bugs to its Known Exploited Vulnerabilities Catalog *

A Security Researcher Published New Sandbox Escape PoC Exploit for VM2 Library *

Ex-Conti Members Collaborate with FIN7 Hacking Group to Push New Domino Malware *

QBot Malware is Now Distributed Using Malicious PDFs and Windows Script Files *

New Credential-Stealer Zaraza Bot Targets 38 Different Web Browsers, Including Google Chrome *

Hackers Abused Google Command and Control Red Team Tool in Data Theft Attacks *

New Android Malware Chameleon Targets Users in Australia and Poland *

Researchers Found New LockBit Encryptors Targeting macOS Devices *

The Indian Cybercrime Coordination Center Issued an Alert on 'Hacktivist Indonesia' Group Targeting Govt Websites *

Researchers Found Hackers Using Action1 RMM in Ransomware Attacks *

NCR’s Aloha POS Platform Suffers an Outage as a Result of BlackCat Ransomware *

Attackers are Spreading Android Goldoson Malware Via 60 Google Play Apps *

Kodi Suffered a Data Breach Exposing 400K User Records *

Researchers Found Vice Society Ransomware Using New PowerShell-Based Data Theft Tool in Attacks *

CISA Adds Two Actively Exploited Vulnerabilities in Android and Novi Survey to its KEV Catalog *

Google Chrome Releases Emergency Update to Fix a Zero-Day Vulnerability *

Russian State Sponsored APT29 Group Targeting NATO and European Union Countries *

Researchers Uncover 'Read The Manual' Locker Cyber-criminals *

Researchers Found New Legion Tool with Credential Harvester and SMTP Hijacking Capabilities *

Microsoft Warns of a Phishing Campaign Targeting Tax Preparers and Accounting Firms *

Pakistani Hackers 'Transparent Tribe' Targeting Educational Institutions of India *

Security Researchers Warn to Patch Critical MSMQ Vulnerability in Windows *

Hyundai Suffers Data Breach Exposing Customers’ Personal Data *

Kyocera Addressed a Vulnerability in its Android Printing App that can be Abused to Install Malware *

Fortinet Patches Critical Vulnerability in its FortiPresence *

Microsoft Patch Tuesday Security Advisory - April 2023 *

A New 'By-Design' Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers *

Infected Websites Distributing Monero Malware via Fake Google Chrome Update Errors *

Attackers Hacked iPhones via Invisible Calendar Invites to Drop Spyware *

Microsoft Patched Actively Exploiting Zero-day Vulnerability in Windows CLFS *

SAP Addresses Two Critical-Severity Vulnerabilities in its April 2023 Security Updates *

European HR and Payroll Management Company SD Worx Suffers a Cyberattack *

NPM Repository Flooded with Malicious Packages Causing DoS Attack and Service Unavailability *

Apple Patches Two Zero-day Vulnerabilities on Older iPhones and iPads *

Researchers Found New Cryptojacking Campaign Targeting Linux Machines *

Scammers Using Authentic YouTube Email Address to Lure Users into Providing Credentials *

Iran-based Hackers Carrying Out Destructive Attacks in Disguise as of Ransomware *

Researchers Disclose Critical RCE Flaw in vm2 Sandbox Library *

CISA Urges Agencies to Address Backup Exec Issues Exploited by a Ransomware Gang *

Massive Balada Injector Campaign Targeting WordPress Sites Since 2017 *

MSI Affirms Security Breach Accusations Post Ransomware Attack *

Apple Patches 2-Zero days Exploited to Hack iPhones and Macs *

Cisco Released Patches for Multiple Vulnerabilities in its Various Products *

Medusa Ransomware Acknowledges Cyberattack on the Open University of Cyprus *

Money Message Ransomware Claims MSI Breach; Demands 4 Million USD *

Google Patches Several Security Vulnerabilities with Chrome 112 *

Researchers Found Four Vulnerabilities in the Popular Japanese Word Processor 'Ichitaro' *

CISA Warns on Vulnerabilities Discovered in Nexx Smart Devices *

New Clipper Malware 'CryptoClippy' Targeting Portuguese Cryptocurrency Users *

Researchers Found Threat Group Mantis Using Upgraded Malware to Target Palestinian Entities *

Researchers Found New Version of Typhon Information-Stealer with Enhanced Anti-Analysis and Evasion Capabilities *

Google Announced Android's April 2023 Security Update Addressing Over 65 Vulnerabilities *

Researchers Found New Rilide Malware Targeting Chrome-Based Browsers to Steal Cryptocurrency *

ALPHV Ransomware Exploits Three High-Severity Vulnerabilities in Veritas Backup Software *

Check Point Researchers Spotted New Rorschach Ransomware Deployed Against a US-Based Company *

IRS-Authorized 'eFile.com' Website was Found Serving JavaScript Malware *

HP Announces Critical Information Disclosure Flaw in its LaserJet Printers to be Patched within 90 Days *

Researchers Found New Information-Stealing Malware 'OpcJacker' Used in Malvertising Campaigns *

Hackers Using Malicious WinRAR Self-Extracting Archives to Plant Backdoors on Devices *

Hackers Target Victims of 3CX Supply Chain Attack with Gopuram Malware *

Researcher Found Multiple Vulnerabilities in Osprey Pump Controller *

American Telecommunication Company Lumen Technologies Suffered Two Cyberattacks *

Researchers Discovered a New 'Money Message' Ransomware Extorting $1 Million *

Fake Threat Group Midnight Extorting Previously Breached U.S. Companies *

Researchers Found Cylance Ransomware Targeting Linux and Windows Systems *

TMX Finance and its Subsidiaries Suffers Data Breach Affecting 4.8 Million Customers *

Hackers Exploited a High Severity Flaw in the Elementor Pro WordPress Plugin to Upload Backdoors *

Researchers Found Threat Actors Exploiting 10 Year Old Windows Vulnerability with 'opt-in' Fix in Recent Attacks *

A Severe Super FabriXss Vulnerability has been Discovered in Azure Service Fabric Explorer *

Researchers Found Malware Botnets Exploiting Realtek and Cacti Vulnerabilities *

New AlienFox Toolkit Targets Popular Cloud Services for Credential Harvesting *

Chinese Threat Group RedGolf Uses a Custom Backdoor KEYPLUG to Target Windows and Linux Systems *

Threat Group Winter Vivern Exploiting a Zimbra Vulnerability to Steal NATO Emails *

CISA Added Five Vulnerabilities Exploited to Drop Spyware to its Known Exploited Vulnerabilities Catalog *

A Misconfigured Microsoft Bing Application Allows to Breach the Office 365 Users *

Hackers Compromised 3CX Desktop App Using Digitally Signed and Trojanized Version of 3CX (VOIP) *

Researchers Discovered a New Malware ‘Melofée’ Targeting Linux Server *

QNAP Addresses High Severity Linux Sudo Vulnerability in NAS Devices *

Hackers Exploited 'burn' Smart Contract Function in SafeMoon's Liquidty Pool to Drain $8.9 Million *

Clop Ransomware Breached Crown Resorts' Network by Exploiting GoAnywhere Zero-day Vulnerability *

Security Researchers Disclosed WiFi Protocol Vulnerability Allowing Attackers to Hijack Network Traffic *

Researchers Found Trojanized Tor Browsers Targeting Russians with Crypto-Stealing Malware *

Attackers Targeted European Entities to Distribute Remcos RAT and Formbook Malware *

Pakistan-Based SideCopy APT Group Targeting India's DRDO with Action RAT *

Researchers Found New Variants of IcedID Loader Delivering Other Malware *

A New MacStealer Malware Targeted Mac Users and Stealing iCloud Keychain Credentials *

Apple Fixes WebKit Zero-Day Bug on Older iPhones *

Twitter Removes Source Code that Leaked on GitHub and Searching for Downloaders *

Attackers Targeting U.S. Taxpayers in New Emotet Phishing Campaign *

Critical Flaw in AI Testing Framework MLflow May Expose AI and Machine-Learning Models *

OpenAI Reveals About ChatGPT User Data Exposure Incident *

Microsoft Warn of Outlook Vulnerability Exploited by Russian Attackers *

Procter & Gamble Discloses Data Breach via GoAnywhere Zero-day *

Chinese Nuclear Energy Institutions Targeted by 'Bitter' Espionage Hackers *

Lionsgate's Streaming Network Reveals Over 37 Million Subscribers' Data *

Malicious Python Package Employ Unicode Technique to Evade Detection *

Researchers Disclose Chinese Nation State Hackers' New Attack Strategies *

Threat Actors Targeting 450 Financial Apps Using Android Banking Trojan *

Code Hosting Platform 'GitHub' Swiftly Replaces Exposed RSA SSH Key *

Play Ransomware Gang Publishes Data Stolen From Maritime Firm Royal Dirkzwager *

WordPress Fixed a Critical Vulnerability in WooCommerce Payments Plugin *

BlackGuard Stealer Targeting 57 Cryptocurrency Browser Extensions and Wallets *

Cisco Addressed High Severity Vulnerabilities in its IOS and IOS XE Software *

Microsoft Fixes Windows 11 Snipping Tool's Acropalypse Privacy Flaw *

Researchers Warn About Kimsuky Threat Group Stealing Gmail Content *

Researchers Published Proof-of-Concept (PoC) for Netgear Orbi Mesh Wireless System Vulnerabilities *

A Trojanized ChatGPT Chrome Extension Found Stealing Facebook Accounts *

CISA Warned on Critical Vulnerabilities in Industrial Control Systems Products *

Play Ransomware Gang Released Data Allegedly Stolen From Logistics Services Company Royal Dirkzwager *

Mozilla Fixes Firefox Crash Issue in Windows 11 and macOS Systems *

Hackers Employing New CommonMagic and PowerMagic Malware To Steal Victims' Information *

Threat Actors Targeting Linux Servers with Different Variants of ShellBot Malware *

Fraudsters Extort 1 Crore INR from 81 Users Via a Mobile Payment App *

Threat Actors Exploited a Zero-day Vulnerability in General Byte Bitcoin ATMs *

Ferrari, Italian Luxury Sports Car Manufacturer Discloses a Data Breach *

Realtek SDK, Huawei Routers, and Hadoop YARN Servers are Targeted by New HinataBot Botnet *

FBI, CISA and MS-ISAC Releases Advisory to Warns About LockBit 3.0 Ransomware Attacks *

New Trigona Ransomware Targets Australia, United States and European Countries *

Threat Actors Now Distributing Emotet Malware via Malicious Microsoft OneNote Files *

NBA Suffers Data Breach that Exposes its Fans' Personal Information *

Scammers Abuse Twitter’s 'Quote Tweet' Feature to Target Bank Customers *

Attackers Distributing Android Malware 'FakeCalls' in South Korea *

A Cyberattack at Latitude Financial Services Leads to Data Theft at Two Service Providers *

Google Warned About 18 Zero-Day Flaws in Samsung's Exynos Chipsets *

Attackers Abuse Adobe Acrobat Sign to Deliver Redline Info-Stealing Malware *

Mozilla Announced the Release of Firefox 111 with Dozen of Vulnerability Patches *

Attackers Hacked U.S Federal Agencies Using Old Telerik UI Vulnerability *

Researchers Discovered First Dero Cryptojacking Campaign Targeting Kubernetes *

Healthcare Provider ILS Suffered a Data Breach Exposing 4.2 Million Patient Data *

Researchers Disclosed the Technical Details of Critical Microsoft Outlook Vulnerability *

Tick APT Group Compromised a Data-Loss Prevention Company in East Asia *

CISA Added a Critical Adobe ColdFusion Vulnerability to its Known Exploited Vulnerability Catalog *

New Threat Group YoroTrooper Running Cyber-Espionage Campaign Against CIS Government Organizations *

Rubrik Suffers Data Breach in GoAnywhere Zero-Day Attack *

SAP Addressed Five Critical Vulnerabilities in its Security Updates *

Microsoft Patch Tuesday Security Advisory - March 2023 *

Euler Finance Lost $197 Million in Crypto in Flash Loan Attack *

Dark Pink APT Group Using KamiKakaBot Malware Against Southeast Asian Government and Military Entities *

A Massive Cyberattack Hijacks East Asian Websites to Redirect Victims to Adult Content *

Threat Actors Using AI-generated YouTube Videos to Spread Info-stealer Malware *

Researchers Discovered Critical Security Vulnerabilities in Akuvox E11 Video Doorphone *

Unidentified Attackers Target Government Networks by Abusing New FortiOS Bug in Zero-Day Attacks *

Researchers Disclosed a Cross-Site Search Vulnerability in OpenSea NFT Marketplace *

Researchers Found a New CASPER Attack that Leaks Data from Air-gapped Computers *

German Vehicle Manufacturer BMW Exposes Clients Data and Business Secrets *

U.S. Office Supply Distributor Essendant Suffers Multi-Day Outage *

Updated Version of Prometei Malware Found Infecting 10000 Systems Worldwide *

Clop Ransomware Gang Starts Extorting GoAnywhere Zero-Day Exploit Victims *

Researchers Found BATLOADER Malware Abusing Google Ads to Deliver Secondary Payload *

New Threat Actor UNC2970 Targeting Security Researchers Using New Custom Malwares Families *

Researcher Found New GoBruteforcer Malware Targeting Servers with phpMyAdmin, MySQL, FTP, Postgres Services *

CISA Adds Two Vulnerabilities to its Known Exploited Vulnerabilities Catalog *

Cerebral Healthcare Platform Suffered a Data Breach Affecting 3.18 Million Patients *

Researchers Found the New Variant of Xenomorph Android Malware Targeting Over 500 Banks *

Threat Actors Exploiting Remote Desktop Software Vulnerabilities to Spread PlugX Malware *

New Variant of IceFire Ransomware is Now Actively Targets Linux Systems *

Attackers Targeted Oracle WebLogic Servers with New ScrubCrypt Crypter *

A Chinese Hacking Campaign Targets Unpatched SonicWall SMA Appliances to Install Custom Malware *

AT&T Vendor Hack Results in the Disclosure of 9 Million Customer Records *

Researchers Reported About Bitwarden's Autofill Feature Flaw that can be Abused to Steal Credentials *

New Sharp Panda Campaign Targets Southeast Asian Government Entities with Soul Malware *

Veeam Addressed a High Severity Backup Services Vulnerability Affecting its Backup Infrastructure *

Fortinet Fixed a Critical RCE Vulnerability Affecting FortiOS and FortiProxy *

SYS01stealer: A New Attack Targeting Critical Infrastructure Enterprises Using Facebook Ads *

Transparent Tribe Hackers Employ Trojanized Messaging Apps to Distribute CapraRAT *

Microsoft Releases a Fix for Outlook Login Issues in Exchange Environments *

Acer Discloses Breach Following the Sale of 160GB of Data on a Hacking Site *

The March 2023 Android Update Addresses Two Critical Code Execution Flaws *

New HiatusRAT Malware Found Targeting DrayTek Vigor Routers for Data Theft *

Researcher Found Blackfly APT Group Targeting Asian Entities *

Experts Revealed About a Blind Spot in Google Cloud Platform that Leads to Data Exfiltration Attacks *

Researcher Published Proof-of-Concept for Microsoft Word's Critical RCE Vulnerability *

The Sandbox Blockchain Games’ Employee Account Hacked to Send Malware-Linked Emails *

Threat Actors Using Malicious Microsoft OneNote Attachments to Infect Windows Systems *

Researchers Found New FiXS ATM Malware Targeting Banks of Mexico *

Tennessee State University and Southeastern Louisiana Universities Suffers Cyberattack *

CISA and FBI Warn of Increased Royal Ransomware Attacks *

Researchers Found Thousands of Websites Compromised Using Stolen FTP Credentials *

Threat Actors Launch New Cryptojacking Campaign, Targeting Misconfigured Redis Database Servers *

Microsoft Fixed MMIO Information Disclosure Vulnerabilities in Intel CPUs *

Experts Uncover a Full-Featured Information Stealer and Trojan in a Python Package on PyPI *

Scammers Target Trezor Customers with Fake Data Breach Notifications *

Aruba Networks Patched Six Critical-Severity Vulnerabilities Impacting ArubaOS Versions *

Iron Tiger Attackers Create New Linux Version of their Custom SysUpdate Malware *

Cisco Addresses Critical RCE Vulnerability in Web UI of Multiple IP Phones *

BlackLotus is the First UEFI Bootkit Malware to Bypass Secure Boot Defenses on Windows 11 *

Microsoft Addressed a Global Outage Impacting its Exchange Online Mailboxes *

Blind Eagle Hackers Targeting Colombian Entities via Spear-Phishing *

Attackers Using Advanced Hacking Operation SCARLETEEL to Infiltrate Cloud Services *

Researchers Identified Pair of Security Defects in Trusted Platform Module (TPM) 2.0 *

American TV Giant Dish Network Confirms Ransomware Attack Behind Multi-Day Network Outage *

CISA Alerts on Active Exploitation of ZK Java Framework RCE Flaw *

Attackers Promoting New Exfiltrator-22 Post-Exploitation Framework to Spread Ransomware *

LastPass Releases Additional Information on December 2022 Password Vault Data Breach *

Researchers Found Mysterious Nevada Group Targeting Thousands of Cloud Servers *

Attackers Use LinkedIn URL Shortener to Send Amazon Prime Phishing Emails *

Two Critical Flaws in WordPress Houzez Theme and Plugin are Being Actively Exploited in the Wild *

U.S. Marshal Service Suffered a Data Breach Followed by Ransomware Attack *

Ohio’s Largest Oil Producer Encino Energy Targeted by Cyberattack *

ChromeLoader Campaign Now Distributing Malicious VHD Files Disguised as Game Programs *

Cyberattacks Target Data Center Organizations to Steal Information *

News Corp's Data Breach Statement Reveals Hackers were on it's Network for 2 Years *

Attackers Flood NPM Repository with 15000 Malicious Packages Containing Phishing Links *

American TV Giant Dish Network Suffers an Outage *

Stanford University Suffers Data Breach Affecting 897 PhD Applicants *

Researchers found Unknown Threat Actors Targeting Government Entities with PureCrypter Malware *

Pirated Final Cut Pro Software Targets macOS for Cryptocurrency Mining *

Researchers Discover a Cyber Group Employing Lilith RAT and Atharvan Malware to Target the Material Research Industry *

Dole, a Fruit and Vegetable Company, Hit by a Ransomware Attack *

Analysts Warn of Increasing Attacks Leveraging Zoho ManageEngine Products *

Canada’s Second Largest Telecom TELUS Investigating a Possible Data Breach *

Cisco Addresses High-Severity Vulnerabilities in its Application Centric Infrastructure Components *

Attackers Exploited R1Soft Server Backup Manager Vulnerability to Deploy Backdoor *

New S1deload Info-Stealer Malware Targets YouTube and Facebook Accounts *

Shipping and Medical Laboratories are Targeted by New Threat Actor Hydrochasma *

Hackers Using Fake ChatGPT Apps to Distribute Windows and Android Malware *

VMware Fixed a Critical Injection Flaw in Carbon Black App Control *

CISA Adds Three New Security Flaws to its Known Exploited Vulnerabilities Catalog *

Security Researchers Release the Proof-of-Concept Exploit for Critical Fortinet's FortiNAC RCE Flaw *

Researchers Found MyloBot Botnet Infecting Thousands of Systems Everyday *

Video Game Publisher Activision Suffered a Data Breach *

Pakistani Threat Actor SideCopy Targeting Indian Government Agencies Using ReverseRAT Backdoor *

Apple Updated its Security Advisories to Add New Class of Vulnerabilities *

Researchers Found a New Stealc Malware with Wide Range of Capabilities *

HardBit 2.0 Ransomware Operators Use Victim’s Insurance Details to Set Up Ransom Payment *

Samsung Adds New Security Feature to Protect Against Zero-Click Attack *

Indian Ticketing Platform RailYatri Suffered a Data Breach Affecting 31 Million Customers *

Attacker Targeted Coinbase Employees in Smishing Attack *

Attackers Using New Version of OxtaRAT Backdoor to Target Armenian Entities *

Researchers Found a New WhiskerSpy Backdoor Delivered via Trojanized codec Installer *

Threat Actors Exploiting Microsoft Exchange ProxyShell Vulnerabilities to Deploy Cryptocurrency Miners *

Experts Found Attackers Targeting South Korean Journalists with RambleOn Malware *

Researchers Found New Mirai Botnet Variant Targeting Linux and IoT Devices *

GoDaddy Reports a Multi-Year Security Breach it Suffered *

Threat Actors Targeted Microsoft IIS Servers with New Frebniis Malware *

Fortinet Patches Two Critical Security Flaws in FortiNAC and FortiWeb Product *

CISA Alerts on Windows and iOS Vulnerabilities Exploited as Zero-Days *

Louisiana HBCU's Xavier University Reported a Data Breach that Occurred in November 2022 *

Researchers Found an Authenticated RCE Vulnerability in Arris Router *

Scandinavian Airlines Suffered Cyberattack Exposing Customer Data *

Burton Snowboards Cancelled Online Orders Following Cyber Attack *

RedEyes APT Group Using New Malware 'M2RAT' to Steal Victims' Data *

Splunk Patches High Severity Vulnerabilities in its Enterprise Solution Update *

New Stealthy Malware 'Beep' is Very Focused in Avoiding Detection *

Tonga Communications Corporation Suffers Ransomware Attack *

Hyundai and Kia Car Thefts Rise due to TikTok Challenge *

Hackers Using New MortalKombat Ransomware and Laplas Crypto-Hijacker Targeting U.S Victims *

Community Health Systems Suffers Data Breach Affecting One Million Patients *

Microsoft Exchange Server 2013 Reaches End of Support Lifecycle in April 2023 *

Al-Toufan Hacking Group Targets Websites of Bahrain Airport and News Sites *

Microsoft Patch Tuesday Security Advisory - February 2023 *

United States’ Largest Bottler Pepsi Bottling Ventures Suffers Data Breach *

Garrison Women's Health Suffered Data Breach Affecting 4,000 Patients *

Apple Addressed New Actively Exploited WebKit Zero-Day Vulnerability *

Cloudflare Detects and Mitigates Largest Recorded DDoS Attack *

Modified Version of ESXiArgs Ransomware Blocks VMware Host Recovery *

New Ransomware Group DarkBit Targets Israel's Top Research University Technion *

Threat Actors Hacked Namecheap’s Email Account to Send Phishing Emails *

CISA Warns About North Korean Hackers Targeting Healthcare Organizations in Ransomware Attacks *

CISA Adds Three More Security Flaws to its Known Exploited Vulnerabilities Catalog *

Multiple Medical Groups in California Suffered a Ransomware Attack *

Researchers Found Malicious Packages on PyPI and NPM Repositories *

Play Ransomware Claims Attack on A10 Networks *

Clop Ransomware Gang Claims Exploiting GoAnywhere Zero-Day Flaw *

Microsoft Announces Retirement of Microsoft Support Diagnostic Tool (MSDT) and Troubleshooters *

Researchers Found Multiple Vulnerabilities in Wireless Industrial Internet of Things (IIoT) Devices *

NewsPenguin Threat Actor Targets Pakistani Entities in Phishing Campaign *

Russian Hackers Use Fake Crypto Job Offers to Push Enigma Malware *

Reddit Hit by Cyberattack that Allowed Hackers to Steal Source Code *

The Largest Canadian Bookstore Indigo Suffered a Cyberattack *

Researchers Found Russian Hackers Using New Graphiron Malware to Target Ukraine *

Ross Memorial Hospital in Lindsay Hit by a Cyberattack *

Munster Technological University (MTU) in Ireland Suffers a Major IT Breach *

Multiple Document Management Systems Found with Unpatched Security Vulnerabilities *

Google Released Chrome 110 that Addresses 15 Vulnerabilities *

Pharmaceutical Distributor AmerisourceBergen Hit by a Cyberattack *

Researchers Found New Medusa Botnet Targeting Linux Users *

GuLoader Malware Targets E-commerce Industry Using Malicious NSIS Executables *

Developers Release an Emergency Patch for GoAnywhere MFTaaS's Actively Exploited Zero-Day Flaw *

Researcher Disclosed a Flaw Detected in Toyota's Global Supplier Management System (GSPIMS) *

Google Chrome to End Support for Windows 7,8,8.1, Windows Server 2012, and 2012 R2 Starting February 2023 *

OpenSSL Releases a Patch to Fix High-Severity Vulnerabilities *

U.S. Cellular's Third-Party Vendor Suffers Data Breach Affecting its 52000 Customers *

Researchers Disclosed About High-Severity Format String Vulnerability Present in F5 BIG-IP *

India’s Largest Truck Brokerage Company FR8 Exposes 140GB of Information in a Data Leak *

TgToxic Malware is Targeting Android Users from Southeast Asia *

Hackers Mimicking Ukrainian Ministry Officials to Deploy Malware *

TruthFinder and Instant Checkmate Discloses a Data Breach Affecting 20 Million Consumers *

A New Wave of Ransomware Attacks Targeting ESXi Systems Using a VMware Flaw *

Major Internet and Power Outages Struck Bermuda *

A New Android Banking Trojan is Aimed at Brazilian Financial Institutions *

A GoAnywhere MFT Zero-day Flaw Enables Server Intrusion *

Florida Hospital Shuts Down its IT Systems Post a Cyberattack *

Threat Actors Targeting Vulnerabilities in SugarCRM and Oracle E-Business Suite *

Jira Software from Atlassian has a Critical Authentication Vulnerability *

Hackers from Iran's Oil Rig Using a New Backdoor to Steal Data from Government Agencies *

Hackers Use KoiVM Virtualization Technology to Evade Detection when Installing the Formbook Data Stealer *

North Korean Lazarus Hacking Group Stole 100GB of Data Via Campaign Named "No Pineapple!" *

Financial Software Provider, ION Group, has been Hit by a Ransomware Attack Affected Global Markets *

Cisco Addressed High-Severity Vulnerability in its IOx Application *

Car Retailer Arnold Clark Suffers a Data Breach Claimed by Play Ransomware *

Hackers Stolen the Details of 240,000 Skating Customers from Planet Ice *

Fraudulent Crypto Apps Infiltrate Apple App Store and Google Play Store *

BlackCat Ransomware Gang Claims an Attack on Solar Industries, an Industrial Explosives Manufacturer *

Hackers Used Google Fi Data Breach to Carry Out SIM Swap Attacks *

A Phishing Attack Against Latvia’s Ministry of Defense Linked to Russian Hacking Group *

Guildford County School Suffers a Cyberattack Resulting in Outage *

US Telecommunications Company Charter Communication Impacted by Third-Party Data Breach *

Indianapolis Housing Agency Suffers Ransomware Attack Affecting 212,910 Peoples *

Hackers Advertising New Golang-Based Malware via Telegram Channel *

Attackers Stole Encrypted Code-Signing Certificates of GitHub Desktop for Mac and Atom Apps *

Developers Disagree with a New Vulnerability Reported in KeePass Software *

QNAP Fixes a Critical Vulnerability in its NAS Devices *

UK Retail Company JD Sports Suffered a Data Breach Affecting 10 Million Customers *

A Critical Vulnerability in Lexmark Printers Affects Over 120 Models *

Researchers Found Gootkit Malware with New Components and Obfuscation Techniques *

ISC Patched Multiple High-Severity DoS Vulnerabilities in DNS Software Suite BIND *

Researchers Warn About Multiple Vulnerabilities in Healthcare Software OpenEMR *

Researchers Found Attackers Using Portable USB Storage Devices to Spread New Variant of PlugX Malware *

Several Malicious Apps have been Found on Google Play Store with Over 5 Million Downloads *

Hackers Using New SwiftSlicer Data Wiper to Infect Windows OS *

A Major Microsoft 365 Outage was Caused by a Change in WAN Router IP Address *

A Hacker Group Called Sandworm Attacked a Ukrainian News Agency with Five Data Wipers *

Researcher Found 75,000 WordPress Sites Still Using Vulnerable LearnPress Plugin Version *

Data Breach Against Two Health Service Organizations Affected 400,000 Individuals *

BayCare Clinic Suffers Data Breach Due to Tracking Pixel Used by Third Party Vendor *

German Airport's Websites, Administration Bodies, and Financial Sector Organizations Suffers DDoS Attack *

New Mimic Ransomware Uses 'Everything' Windows Search Tool to Encrypt Files *

The CISA of Federal Organizations Breached Using Legit Remote Desktop Software *

Phishing Campaigns Employ New Python RAT Malware to Target Windows *

Threat Actors Leveraging Critical Realtek SDK Flaw in Millions of Attacks *

North Korean Hackers Actively Harvesting Credentials in the Latest Cyberattacks *

Zacks Investment Research Security Breach Affects 820,000 Customers *

Researchers Found Threat Actors Abusing Google Ads to Spread Malware *

DragonSpark Attackers Group Use Golang Malware to Evade Detection *

Several Microsoft Services Including Teams, Outlook, Store Stop Responding: Microsoft Probes Outage *

Arm Mali GPU Vulnerability Leads to Arbitrary Kernel Code Execution and Root on Pixel 6 Phones *

A Vulnerability in Diksha App Exposed Personal Information of Millions of Indian Teachers and Students *

Zendesk Suffered Data Breach After its Employee Fell into Phishing Attack *

Security Researchers Disclosed Two Security Flaws in Samsung's Galaxy Store App for Android *

Apple Backported Security Patches for Zero-Day Vulnerability in Older iPhone and iPad Models *

Nunavut Energy Supplier Qulliq Energy Corporation Suffered a Cyberattack *

Roaming Mantis Adds New DNS Changer to its Android Malware to Hack WiFi Routers *

Costa Rica's Ministry of Public Works and Transport (MOPT) Hit by Ransomware Attack *

Riot Games’ Development Environment Compromised Via Social Engineering Attacks *

Drupal Patches Vulnerabilities that Lead to Information Disclosure *

Chinese Hackers Leverages a Fortinet Flaw as a Zero-day Exploit to Drop Malware *

Hackers Actively Using OneNote Attachments to Spread Malware *

Researchers Dismantle Massive Ad-fraud Operation Dubbed 'Vastflux' *

Over 19,000 End-of-life Cisco Routers Vulnerable to RCE Attacks *

The Windows 10 KB5019275 Preview Update Comprises 14 Fixes *

Vulnerabilities of Critical Significance OpenText Enterprise Content Management System Patched *

Gamaredon Company Utilizes Telegram to Launch Cyberattacks Against Ukraine *

Hackers May Abuse GitHub Codespaces Functionality to Host and Disseminate Malware *

Researchers Discovered a New Banking Trojan Hook with RAT Capabilities *

Researchers Discovered a Critical RCE Flaw Dubbed EmojiDeploy in Microsoft Azure Services *

T-Mobile Disclosed Data Breach Affecting 37 Million Customers' Personal Information *

Attackers Hacked 34,942 PayPal Users Accounts in Credential Stuffing Attack *

Cisco Announced Patches for a High-Severity SQL Injection Vulnerability in Unified CM and CM SME *

Oracle Addresses 327 Security Vulnerabilities in its January 2023 Critical Patch Update *

HR Management Platform Myrocket.co Exposed Personal Information of Millions of Job Candidates *

CERT Coordination Center Disclosed Critical Security Flaws in Netcomm and TP-Link Routers *

Researcher Found NjRAT Trojan Being Distributed Via New Earth Bogle Campaign *

MailChimp Suffers a Breach After Attackers Gained Employee Credentials *

CISA Alerts on Vulnerabilities in Siemens, GE Digital, and Contec ICS Products *

Researchers Warn of Critical RCE Vulnerability in Zoho ManageEngine Products *

Nissan North America Suffers Data Breach Due to Poorly Configured Third-Party Vendor Database *

Microsoft Azure Services were Vulnerable to Unauthorized Access to Cloud Resources *

Git Patched Two Critical Severity Security Flaws that Allow Hackers to Execute Arbitrary Code *

Threat Actor ‘Lolip0p’ Uploaded Three Malicious Packages on PyPi Platform *

ODIN Intelligence's Website Defaced and Breached *

DNV's ShipManager Software Suffers a Ransomware Attack Affecting Thousands of Shipping *

Vice Society Ransomware Gang Leaked Sensitive Data from University of Duisburg-Essen *

Hackers Leaked Sensitive Files From San Francisco Transit Police Online *

Researcher Found Android TV Box with Pre-installed Malware *

Cryptocurrency Wallet Provider MetaMask Warns Users of a New Address Poisoning Scam *

Majority of Cacti Servers Found Unpatched against Critical Vulnerability Resulting in Attacks *

The Website of Canada's Largest Alcohol Retailer Hacked to Steal Credit Card Information *

Researchers Found CircleCI Security Incident was Caused by Info-Stealing Malware *

Hackers Breached NortonLifeLocks's Password Manager Accounts *

Polyglot Files are Used by Cybercriminals to Distribute Malware Undetected *

WordPress Plugins Found Vulnerable to Critical SQL Injection Flaws along with PoCs *

Researchers Found EyeSpy Malware Being Spread Via Trojanized VPN Installers *

Attackers Exploiting a Patched FortiOS SSL-VPN Zero-day Vulnerability Against Government Networks *

IcedID Malware Attack Compromised Active Directory Domain *

Researchers Found Hackers Actively Exploiting a Critical Flaw in Control Web Panel *

Cisco Discovers Three Vulnerabilities in Asus Router Software *

Researchers Disclosed SymStealer Security Vulnerability in Google Chrome and Chromium-Based Browser *

Australia's Fire Rescue Victoria Suffers Data Breach Claimed by Vice Society Ransomware Gang *

Gootkit Loader Abuses VLC Media Player to Infect Australian Healthcare Organizations *

Google Released Chrome 109 to Fix 17 Vulnerabilities *

New Advanced Threat Actor Dark Pink Using Custom Malware Against Government and Military Entities *

Cisco Warns About Critical Auth Bypass Vulnerability Found in End-of-Life Routers *

Scattered Spider Threat Actors Employing Vulnerable Intel Drivers to Evade Detection *

UK's Leading Mail Delivery Service Royal Mail Suffers Severe Service Disruption Following Cyberattack *

CISA Adds Two More Security Flaws to its Known Exploited Vulnerabilities Catalog *

Security Researchers Found Cryptographic Weaknesses in Threema Messaging App *

Zoom Fixes Multiple Flaws Exposing Windows and macOS Users *

Iowa's Largest School District Des Moines Public School Hit by Cyberattack *

StrongPity Hackers Targeted Android Users with a Trojanized Version of Telegram App *

Over 1,300 Fake AnyDesk Sites Found Delivering Info-Stealing Vidar Malware *

Auth0 Project Releases a Patch for RCE Flaw in the JsonWebToken Library *

Scammers Abusing Open Redirect on the UK DEFRA Website to Redirect Visitors to Fake Dating Sites *

Hackers Breached Kubernetes Clusters as Part of a Malware Campaign Via PostgreSQL Database *

CISA Alerts on High-Severity Vulnerabilities Affecting Hitachi Energy Products *

Russian Threat Group Cold River Targets Three US Nuclear Research Laboratories *

Attackers Spreading NetSupport Malware Masquerading as Pokemon Card Game to Infect Users *

MedStar Mobile Healthcare Suffers Ransomware Attack Affecting 612,000 Customers *

Threat Actors Using CAPTCHA Bypass Tactics on GitHub in Freejacking Campaign *

Hackers Bypass Firewalls Restrictions Using CloudFlare Tunnels *

Air France and KLM Suffers Data Breach; Several Customers Accounts Hacked *

Fast Food Restaurant Chain 'Chick-fil-A' Suffers Data Breach *

Rackspace's Customer Data Accessed in Ransomware Attack *

Microsoft Releases Temporary Patch for ODBC Database Connection Issues *

A New Variant of Dridex Malware Actively Attacking Windows OS and macOS Systems *

CircleCI Releases a Security Alert to Warn Users about Cyber Attack *

Bluebottle Hackers Attacked Banks Using Signed Windows Drivers *

Database of Cricketsocial.com Exposed Private Customer Data and Administrator Credentials *

Five Guys Burger Chain Suffers Data Breach Impacting Job Applicants *

Researchers Found Sudden Increase in SpyNote Android Malware Infection Rates *

New SHC-Compiled Linux Malware Found Installing Cryptominers and DDoS Bots *

Multi-Flaw Updates are Released for Qualcomm Chipsets and Lenovo ThinkPad *

Zoho Patches a Critical SQL Injection Vulnerability in its ManageEngine Products *

Multiple Car Brand's API Flaws Exposed Owner's Personal Data *

Fortinet Released Patches for High-Severity Vulnerabilities Found in FortiADC and FortiTester *

LockBit Ransomware Group Claims Ransomware Attack on Los Angeles Housing Authority *

Royal Ransomware Group Claims Data Breach Attack on Queensland University of Technology *

Threat Actors Using Stolen Information of Colombian Bank Customers as Lures in Phishing Emails *

Synology Fixed Critical Vulnerability in VPN Plus Server Software *

PyTorch Admins Reveals About Malicious PyTorch-nightly Dependency *

Bristol Community College Hit by Ransomware Attack *

A Telekom Malaysia Company Suffers a Data Breach Affecting Over 250,000 Customer Accounts *

Scripps Health Agrees to Pay $3.5 million to the Victims Affected in the 2021 Data Breach *

Jakks Pacific Toy Production’s Servers Suffers Ransomware Attack, Hive and BackCat Group Leak Data *

Royal Ransomware Group Claims Cyber attack on Iowa’s Public Broadcasting Network *

The LockBit Ransomware Gang Claims Cyberattack on Port of Lisbon in Portugal *

CISA Warns of Vulnerabilities Impacting TIBCO Software's JasperReports Product *

A Canadian Mining Firm Shuts Down a Mill After it was Attacked by Ransomware *

WordPress Sites are Being Backdoored by New Linux Malware Using 30 Plugin Exploits *

Cert-In Warns Indian Users on LastPass Data Breach and NetApp OnCommandInsight Vulnerability *

Anonymous Twitter User Published 10,000 API Keys of Crypto Trading Platform 3Commas *

CISA Warns of Several Vulnerabilities in Rockwell Automation Controllers *

Royal Ransomware Gang Claims Responsibility for Cyberattack on Telecom Company Intrado *

NETGEAR Fixes a High Severity Vulnerability Affecting Multiple Models of its Wi-Fi Routers *

Hackers Moved their Initial Infection Vector Towards Malicious Excel Add-in Files *

Attackers Abusing Google Ads to Spread Trojanized Software Products *

Hive Ransomware Claims Attack on Louisiana Hospital Impacting 270,000 Patients *

Citrix Patches Critical Severity Vulnerabilities in its ADC and Gateway Servers *

Sargent and Lundy Energy Firm Suffered a Data Breach that Impacted Personal Information of 6,900 Individuals *

A Hacker Claims to have Stolen Data of 30 Million Indian Railways Users *

New YouTube Bot Malware Found Stealing Sensitive Data *

North Korean Lazarus APT Group Targeting NFT Investors in Phishing Campaign *

BlueNoroff Threat Actors Adopted New Techniques to Bypass Windows MotW Protection *

Researchers Found a Password Vulnerability in ZyXEL Indoor Routers *

BTC.com Suffers a Cyberattack Losing Cryptocurrency Worth $3 Million *

New GuLoader Malware Found Adopting New Anti Analysis Techniques to Evade Detection *

Hackers Targeted Bitkeep Wallet Users in Cryptojacking and Drained $8M in Assets *

Researchers Warn of Critical Linux Kernel Vulnerability Affecting SMB Servers Enabled with ksmbd *

Cincinnati State Technical Community College Suffers a Cybersecurity Breach *

Researchers Disclosed a High-Severity Flaw in Kyverno’s Container Image Signature Verification Mechanism *

Researchers Discovered Critical Authentication Bypass Vulnerability in Ghost CMS *

Microsoft Silently Fixed Cross Tenant Network Bypass Flaw in its Azure Container Service *

Researchers Uncover W4SP Stealer in Multiple PyPI Packages Under Various Names *

Threat Actors Deploy New Info-stealer Malware to Infect Software Pirates *

Hackers Actively Exploit WordPress Gift Card Plugin with 50K Installations *

Researchers Warn Indian Officials About Kavach 2FA Phishing Attacks *

Widespread 2FA Bypass Attacks Hit Comcast Xfinity Accounts *

LastPass Suffers a Data Breach Exposing Customer Vault Data *

FIN7 Hackers Use an Auto-Attack Platform to Breach Vulnerable Exchange Servers *

A Hacker Leaked Customer Data of Betting Firm BetMGM on Hacking Forum *

Researchers Disclosed Multiple High-Severity Flaws in Password Management Solution Passwordstate *

The Zerobot Botnet is added with New Capabilities and Exploits New Vulnerabilities *

Researchers Discovered Banking Trojan 'GodFather' Targeting 400 Banks and Crypto Exchanges Applications *

Hackers Gained Profit from Hacking JFK Airport's Taxi Dispatch System *

Hackers Targeted Telecom and Government Systems with Raspberry Robin Worm *

Attackers Hacked Private GitHub Repositories of Okta Company *

Researchers Found Malicious Packages with 'W4SP' Info-Stealer Malware on PyPi Platform *

Hackers Targeting Brazilian Banking Users with New Android Trojan BrasDex *

Security Researchers Suspect KMSdBot Botnet Offering DDoS-for-Hire Services for Attackers *

Researchers Found New Microsoft Exchange Exploit Used by Play Ransomware to Breach Servers *

Phishing Sites Distributing DarkTortilla Malware *

Researchers Found Fake Malicious ‘SentinelOne’ Package on PyPi Repository *

Meta Platforms Took Down Fake Accounts Operated by Nearly 200 Spyware Vendors Across the Globe *

Play Ransomware Gang Claims Cyberattack on Hotel Chain 'H-Hotels' *

Microsoft Reclassified a Windows Vulnerability as Critical Severity *

Department of Healthcare and Human Services Reports Data of 254K Patients Being Compromised *

Colombian Energy Company EPM Hit by BlackCat Ransomware Attack *

CRM Platform SevenRooms Suffers Data Breach Exposing Customers’ Information *

Samba Releases Security Updates to Address Multiple High Severity Vulnerabilities *

After Being Disrupted by Google, Glupteba Malware is Back *

FBI Warns About BEC Attacks Targeting Food Shipments *

CISA Adds Critical Veeam Backup and Replication Vulnerabilities to its Known Exploited Vulnerabilities Catalog *

Microsoft Warns New Minecraft DDoS Malware Infecting Windows, Linux and IoT Devices *

Researchers found a New MirrorStealer Malware Targeting Japanese Politicians *

Ukrainian Government Networks Breached Using Trojanized Windows 10 Installers *

New Phishing Campaign Uses Facebook Posts to Evade Email Security *

Hacker Posted Social Blade's User Data on Hacking Forum Stolen in Data Breach *

5.7M Gemini Users’ Personal Information Leaked in Third-Party Vendors’ Data Breach Incident *

FuboTV Suffers Streaming Outage Due to Cyberattack *

Australia's TPG Telecom Suffers a Data Breach Affecting 15,000 Customers *

Ransomware Hackers Using Microsoft-Signed Drivers to Access Systems *

FBI Seizes 48 Booter or Stresser Online Platforms that Used for DDoS Attacks *

Unknown Threat Actors Uploaded 144,000 Phishing Packages on NuGet, NPM, and PyPi Open-Source Package Repositories *

Microsoft Fixes the LSASS Memory Leak Flaw Affecting Windows Servers *

VMware Releases Patches for Critical Security Vulnerabilities in ESXi and vRealize *

Microsoft Patch Tuesday Security Advisory - December 2022 *

Stalkware Application Xnspy Found Stealing Data from Thousands of iPhone and Android Devices *

A New Python Backdoor Allows Hackers to Access Compromised VMware ESXi Servers Remotely *

The Global Pravasi Rishta Portal of the Indian Foreign Ministry Leaks Passport Information *

Apple Addressed New Actively Exploited Zero-Day Vulnerability in its Security Updates *

LockBit Ransomware Gang Claims Ransomware Attack on Finance Department of California *

Hive Ransomware Group Claims Attack on Knox College *

Fortinet Released Emergency Patch for Already Exploited FortiOS SSL-VPN Vulnerability *

Nearly 360,000 Individuals' Information was Affected in Ontario COVID-19 Vaccine Data Breach *

A Cryptocurrency Mining Campaign Infects Linux Users with Go-Based Malware Called CHAOS *

Uber Suffers a Data Breach After an Attack on its Third-Party Vendor *

An Iran-Backed MuddyWater Campaign Abuses the Syncro Remote Administration Tool *

Australian Telecom Firm Telstra Apologizes for Data Leak that Exposed 130,000 Customer's Data *

Air Gapped PCs Highly Vulnerable to Data Theft via Power Supply Radiation *

Rackspace Issues a Phishing Warning Following a Ransomware Incident *

Cisco Warns Companies of High Severity Unpatched Flaw Affecting IP Phones Firmware Globally *

Researchers Disclose a Novel Attack Method to Bypass Popular Web Application Firewalls *

An Updated TrueBot Variant Exploiting the Netwrix Auditor Bug and the Raspberry Robin Worm *

Researchers Discover Drokbk a New Malware that Leverages GitHub as a Dead Drop Resolver *

Iranian Hackers Target the Diamond Industry with Fantasy Data-Wiping Malware *

Formbook Malware is Distributed via Trojanized OneNote Document *

Hive Ransomware Group Targeted French Sports Brand Intersport *

CommonSpirit Health Suffered Ransomware Attack that Exposed Data of 623,000 Patients *

Cisco Discloses a High Severity Vulnerability Affecting its IP Phones 7800 and 8800 Series *

New Zerobot Malware Leveraging more than 21 Flaws in Zyxel Firewalls, F5 BIG-IP, D-Link Routers *

Compromised WordPress Plugins Redirect Website Visitors to Push Notification Scam *

Attacker Tried Over 6,000 Attempts to Hack ICMR Server *

The Vice Society Ransomware Gang Targeted more than 30 Schools in 2022 *

Hackers Breached CloudSEK's Confluence Server Using Stolen Employee Credentials *

Attackers found Vulnerability in SiriusXM Platform to Unlock and Start Cars Remotely *

Amnesty International Canada was Allegedly Targeted in Cyberattack by Beijing *

Researchers Discovered Largest Dark Web "In The Box" *

Antwerp's Digital Partner Suffered a Cyberattack Disrupting the City's Digital Services *

VTB Bank, Russia's Second Largest Financial Institution, Suffers Massive DDoS Attack *

Hackers Selling Personal Data Of 150,000 Patients of Tamil Nadu's Sree Saran Medical Centre *

The André-Mignot Teaching Hospital in France Suffers a Ransomware Attack *

A Chain of Three Harmless Linux Vulnerabilities could Allow Hackers to Gain Full Root Privileges *

A Vulnerability in IBM Cloud Databases for PostgreSQL Allows Unauthorized Access *

Researchers Found Malicious Android Apps with More than Two Million Downloads on Google Play Store *

New Zealand Health Insurer Accuro Suffered a Cyberattack Affecting 34,000 Customers’ Data *

North Korean Hacking Group Using New and Fake Crypto Apps to Breach Networks and Steal Cryptocurrency *

Google Fixes a Ninth Zero Day Vulnerability in its Chrome Browser Update *

The Previously Undocumented Data Wiper CryWiper Masquerades as a Ransomware *

Attackers Targeting Unpatched Redis Servers to Drop New Redigo Backdoor *

Multiple Platform Certificates Used by Android OEM Device Vendors used to Digitally Sign the Malware *

Colombian Healthcare Provider Keralty Suffers Ransomware Attack that Disrupts its Operations *

The Schoolyard Bully Malware Infected more than 300,000 Devices to Harvest Facebook Account Credentials *

New DuckLogs Malware-as-a-Service Found to Be Used By Thousands of Cybercriminals *

Researchers Found Some NPM Tools Fail to Display Security Flaws *

NVIDIA Patches Critical GPU Display Driver Vulnerabilities in Windows and Linux *

North Korean Attackers Using New Dolphin Backdoor to Spy on South Korean Targets *

Google Released Chrome 108 to Fix High-Severity Memory Safety Vulnerabilities *

Hackers Breached GoTo's Dev Environment and Cloud Storage; Impacting its Affiliate 'LastPass' *

Researcher found Outdated OpenSSL used in Dell, HP, and Lenovo Devices *

Hive Ransomware Claims Responsibility for Attack on Guilford College in North Carolina *

Attackers using Trigona Ransomware in Increasing Worldwide Attacks *

Malicious Android App 'Symoo' Detected with 100,000 Installs on Google Play Store *

Lanner Patched Over a Dozen BMC Firmware Vulnerabilities *

Southampton County in Virginia Disclosed Theft of Individuals' Personal Information Following Ransomware Attack *

Acer Releases Patches for High Severity Vulnerability Allowing to Disable Secure Boot *

Scammers Used FC Barcelona's Website Domain for Third-Party Fraud Campaign *

Over 5.4 Million Twitter Users' Records are Freely Available on a Hacking Forum *

Researchers Discovered A Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange *

A Ransomware Group Aimed at Belgian Municipality But Hits the Police Instead *

New Ransomware Attacks Targeting Ukraine Organizations Linked to Russian Sandworm Group *

Google Patches a Zero-Day Vulnerability in its Chrome Browser Update *

The Vice Society Ransomware Group Claims Responsibility of Attack on Cincinnati State College *

Hackers Target Windows Gamers with Miners and Info-Stealers via Fake MSI Afterburner *

Researchers Detected New Stealthy Variant of RansomExx Ransomware Developed Using Rust Programming Language *

Hackers Included Spyware in New Variants of SoftVPN and OpenVPN Trojan Software *

Millions of Android Devices Require Patches for ARM Mali GPU Vulnerabilities *

Ducktail Threat Actors Targeting Facebook Business Accounts via WhatsApp *

Security Researchers Disclosed a Cross-Tenant Vulnerability in AWS AppSync Service *

Pro-Russian Hackers Claim Responsibility for DDoS Attack on European Parliament Website *

Delhi's AIIMS Server Suffers a Cyberattack Disrupting Patient Care Services *

Issue in Sophos and McAfee Scanning Engines results in Bypass of Cisco Secure Email Gateway Filter *

Researchers found Sudden Spike in World Cup-Themed Phishing Emails *

The Sharkbot Banking Trojan Distributed via Fake Android File Managers *

Threat Actors Targeted Discontinued Boa Web Servers to Infiltrate Energy Organizations *

More than 1500 Mobile Applications Leaking Algolia API Keys *

An Info-Stealing Google Chrome Extension 'VenomSoftX' is Used to Steal Cryptocurrency and Passwords *

Researchers Found Cybercriminals Increasingly Adopted Aurora Infostealer Malware in their Operations *

Attackers Trying to Bypass 2FA of Crypto Exchange Platforms Via Team Viewer and Fake Support Chat *

Hacking Group Daixin Team Claims to have Stolen 5 Million AirAsia Passengers' and Employees' Data *

DraftKings’ Customers Suffer Credential Stuffing Attack Resulting in Loss of $300,000 *

New AXLocker Ransomware Group Stealing Discord Accounts of Infected Users *

Attackers Using Google Ads to Spread Royal Ransomware *

New Variants of LodaRAT Malware are Being Deployed in Conjunction with Other Sophisticated Malwares *

Hackers Employing a Windows Zero-day Vulnerability to Deploy QBot Malware *

Indian Central Depository Services Limited Reveals About its Network Being Compromised by Malware *

Over 22000 Students Targeted in Credential Phishing Attack Impersonating Instagram *

Critical Omron PLC Vulnerability Exploited by Sophisticated Malware Targeting Industrial Control Systems *

Atlassian Fixes Critical Vulnerabilities in Crowd Server and Bitbucket Server *

Samba Addresses Vulnerability Resulting in DoS Attacks and Remote Code Execution *

Chinese Hackers Deliver Custom Malware to Government Organizations via Google Drive *

Previously Unknown ARCrypter Ransomware Expanding its Attacks Worldwide *

Researchers Discovered a New Version of RapperBot Malware Targeting Gaming Servers *

Researchers Discovered a Phishing Kit Impersonating Well-Known Brands to Target US Consumers *

Attackers Abusing a DLL Hijacking Flaw in the Windows 10 Control Panel to Infect Systems *

Disneyland Cybercrime Group Uses Punycode to Spoof Popular Bank Brands` *

F5 Addresses Several Security Flaws and Issues in its Products *

CISA Revealed About Federal Agency Being Hacked by Iranian Hackers Using Log4Shell Exploit *

Pro-Russian Hackers Claim Responsibility for DDoS Attack on FBI Websites *

Mozilla Announced the Release of Firefox 107 with Patches of High Impact Vulnerabilities *

Hundreds of Amazon RDS Instances Leak Users’ Personal Information *

PCspooF Vulnerability in TTE Affecting Network Technology used in Aircraft and Spacecraft *

State-Sponsored Chinese Hacking Group Targeting Government and Defense Organizations in Asian Countries *

Security Researchers Disclosed Details of Security Flaws in Zendesk Analytics Service *

Spotify's Backstage Developer Platform is Vulnerable to Critical RCE Flaw *

Researchers Discovered New Version of DTrack Backdoor Targeting European Organizations *

Researchers Discovered New KmsdBot Malware Mining Cryptocurrency and Launching DDoS Attacks *

'Fangxiao' A Malicious For-Profit Group Uses 42,000 Sites for Brand Impersonation Scheme *

Researchers Identified an Information Disclosure Vulnerability in Aiphone Intercom Products *

Russian Hackers Infected Ukrainian Organizations with New Somnia Ransomware *

New Phishing Campaign Targeting Spain Taxpayers to Steal Bank Details *

Cisco Addresses 33 Vulnerabilities in its Enterprise Firewall Products *

Foxit Patches Four Code Execution Vulnerabilities in its PDF Reader *

A New Extortion Scam Threatens to Leak Websites Sensitive Information Globally *

A 24 Hour Outage has Rendered Royal Mail Tracking Unavailable *

Sobeys a Canadian Food Retail Giant Hit by Black Basta Ransomware *

New Android Spyware BadBazaar Linked to Chinese Cyberspies *

Two Malicious Android Apps Spotted Distributing Xenomorph Banking Trojan *

US Confiscates 18 Domains Used for Recruiting Money Mules *

New Version of IceXLoader Malware is Dropped Via Phishing Emails *

Threat Group ‘Worok’ Concealing New Information-Stealing Malware in PNGs *

Android Spymax RAT Malware Targets the Indian Defense Forces *

Lenovo Fixes High Severity Vulnerabilities Allowing Attackers to Deactivate UEFI Secure Boot *

New Information-Stealing Malware StrelaStealer Targeted Outlook and Thunderbird Accounts *

Intel and AMD Addresses Multiple Vulnerabilities in its Patch Tuesday Updates *

SAP Released Patches for Critical BusinessObjects and SAPUI5 Vulnerabilities *

Massive Google SEO Poisoning Campaign Hacks 15,000 Sites *

LockBit 3.0 Ransomware Distributing Amadey Bot Malware Via Phishing Emails *

Cloud9 Chrome Botnet Using Malicious Extensions to Remotely Control Victim's Browsers *

Citrix Patches a Critical Authentication Bypass Vulnerability in its ADC and Gateway Product *

VMware Patches Three Critical Vulnerabilities in Workspace ONE Assist *

Siemens and Schneider Electric Addresses Several Security Vulnerabilities in its Products *

SocGholish Operators Expands its Malware Staging Infrastructure to Counter Defenders *

Researchers Found Security Scanner URLScan Accidentally Leaking Sensitive URLs and Data *

Cyberattack on PNORS Technology Leads to the Breach of Victorian School Students' Health Records *

The Largest Canadian Food Company Maple Leaf Foods Encountered Cyberattack *

The Robin Banks Phishing-as-a-Service (PhaaS) Platform Back to Steal Bank Accounts *

Hackers Abusing Microsoft Dynamic 365 Customer Voice in Phishing Attack *

CISA Warns About Critical Vulnerabilities in Three ICS Software *

Apple Releases Xcode Update to Patch Git Vulnerabilities *

Verified Twitter Users are Targeted by New Phishing Attack *

New Crimson Kingsnake Group Impersonating Law Firms in Business Email Compromise BEC Attacks *

Indian Government Employees are Being Targeted by a New Malware Campaign *

Users Across the Globe are Facing Issues in Accessing Twitter *

RomCom RAT Malware Distributed via Websites Impersonates SolarWinds NPM, KeePass, Veeam Software *

LockBit Ransomware Gang Claims Cyberattack Against German Manufacturing Company Continental *

Cisco Fixed High-Severity Vulnerabilities in Email, Identity, and Web Security Products *

ALMA Radio Telescope Suffers Cyberattack Forcing it to Suspend All Operations *

Splunk Addresses 9 High-Severity Vulnerabilities in its Enterprise Product *

Fortinet Fixed 6 High-Severity Vulnerabilities in its Multiple Products *

Researchers Disclosed Multiple Vulnerabilities in Checkmk's IT Infrastructure Monitoring Software *

Threat Actor Distributing Malware Via Hundreds of U.S. News Sites *

Malicious PyPI Packages Found Dropping 'W4SP' Info-Stealing Malware *

Infamous Emotet Malware Resumed its Operation After Five-Month Break *

Vodafone Italy Disclosed Data Breach After their Reseller FourB Hit by Cyberattack *

Hacker Steals 130 GitHub Repositories from Dropbox in Data Breach *

Malicious VPN Application Infects Android Users with SandStrike Spyware *

Malicious Android Apps Downloaded Over One Million Times Spotted on Google Play Store *

OpenSSL Releases Patches to Fix Two High Severity Vulnerabilities in Open-Source Library *

Microsoft Fixed a Critical RCE Vulnerability Detected in Azure Cosmos DB Jupyter Notebooks *

Cyberattack on Air New Zealand Compromises Multiple User Accounts *

Threat Actors Abusing Antivirus Software to Drop LODEINFO Malware Targeting Japanese Organizations *

Australian Defense Contractor Suffers Ransomware Attack *

Researchers Discovered a Security Vulnerability in Galaxy Store App for Samsung *

Label Printing Giant Multi-Color Corporation Confirmed Data Breach *

Bed Bath & Beyond Inc Suffers a Data Breach *

U.S. Bank Reveals Data Leak Affecting 11,000 Customers *

See Tickets Suffers a Major Card Data Breach Lasting for 2.5 Years *

Michigan Medicine Suffered Data Breach Impacting 33K Patients *

ConnectWise Fixes the RCE Flaw that Left Thousands of Servers Vulnerable to Attacks *

Twilio, A Cloud Communications Company Discloses Another Data Breach *

Google Patches the Seventh Zero-Day Vulnerability in its Chrome Browser *

Cyberattack on Aurubis Forces IT Systems to Shut Down *

Researchers Discover Android Malware Droppers on Google Play with 130K Installations *

Threat Actors using Clop Ransomware to Encrypt Devices Previously Infected with Raspberry Robin Worm *

The Latest Fodcha Botnet Featuring Ransom Demands has Emerged *

Drinik Android Malware Impersonating Official Tax Management Tool Targeting Users of 18 Indian Banks *

Australian Clinical Labs Disclosed Data Breach After Months of Data Leak Post *

Microsoft Fixed Sync Issue in the Vulnerable Driver Blocklist *

Medibank Confirms Hackers had Accessed the Customer's Personal Information During Ransomware Attack *

New Version of FurBall Android Malware Used for Spying Iranian Citizens *

Advocate Aurora Health (AAH) Suffers Data Breach that Exposing Data of 3 Million Patients *

Ursnif Malware Switches from Stealing Bank Accounts to Gaining Access to Computers *

Hackers Exploit Microsoft Azure SFX Vulnerability to Hijack Service Fabric Clusters *

Apache Patched RCE Vulnerability in its Open-Source Commons Text Library *

WordPress Fixed 16 Vulnerabilities with Security Update 6.0.3 *

Researchers Uncovered a Previously Undetected PowerShell Backdoor Infected Over 60 Users *

Microsoft Suffers Data Breach Due to Misconfigured Server that Exposes Customers’ Information Online *

Cobalt Strike Releases Out-of-Band Security Update for Critical RCE Vulnerability *

DiceyF Attackers Deploying GamePlayerFramework in Attacks Against Asian Casinos *

Hackers Targeted Hong Kong Government Agency's Network in a Year-Long Campaign *

Ransom Cartel Ransomware Shares Similar Traits with the Notorious REvil Ransomware *

Black Basta Ransomware Gang Employing Qakbot to Drop Brute Ratel C4 Framework *

MyDeal Suffers Data Breach where 2.2 Million Customers' Personal Information was Stolen *

Australia's Largest Health Insurance Company Medibank Suffers Ransomware Attack *

A Zero-Day Vulnerability in Windows Mark of the Web Receives Free Unofficial Patch *

End of Life for Over 45,000 VMware ESXi Servers *

Venus Ransomware Encrypting Windows Devices via Publicly Exposed Remote Desktop Services *

New PHP Version of Ducktail Malware Targeting Facebook Business Accounts *

Zimbra Zero-Day Vulnerability Leveraged to Compromise Over 900 Servers *

Microsoft Researchers Discovered A New Prestige Ransomware Targeting Organizations in Ukraine and Poland *

Colombian Govt Suffers Data Leak Exposing Secret Australian Police Agents *

India's Largest Electric Utility Company Tata Power Hit by Cyberattack *

Microsoft Office 365 Could Expose the Content of Messages due to Vulnerable Email Encryption Mode *

Hackers Distributing Android Banking Malware Copybara Via TOAD Tactics *

Magniber Ransomware Target Windows Users Via Fake Antivirus and Security Updates *

A Critical Flaw in Siemens SIMATIC PLCs Allows Hackers to Steal Cryptographic Keys *

Cloudflare Mitigates Largest DDoS Attack Aimed at Gaming Platform Minecraft's Server *

Windows, MacOS, and Linux Systems Targeted by New Alchimist Attack Framework *

Scammers Abusing Google Forms in New Covid-19-Themed Phishing Campaign *

Unofficial WhatsApp Application 'YoWhatsApp' is Stealing User's Account *

Hackers Creating Typo-Squatted Clone Packages to Trick Developers for Supply Chain Attacks *

Aruba Addressed Critical RCE and Authentication Bypass Bugs in its EdgeConnect Enterprise Orchestrator *

POLONIUM Threat Group Uses Creepy Malware in Cyber Espionage Against Israeli Organizations *

Microsoft Exchange Servers Targeted to Drop Lockbit Ransomware *

Researchers Warn of a Critical RCE Vulnerability in VM2 Sandbox Library *

Adobe Fixes Critical Flaws in ColdFusion, Adobe Commerce and Other Products *

Microsoft Patch Tuesday Security Advisory - October 2022 *

Caffeine, a Phishing-as-a-Service Platform Makes it Easy to Launch Phishing Attacks *

Researchers Disclosed New Emotet's Delivery and Evasion Techniques *

Toyota's Access Key Mistakenly Exposed on GitHub Leaking Customer Data *

Pro-Russian Hackers Take Down US Airports' Websites with Large-scale DDoS Attacks *

Android Security Updates for October Patches Critical Vulnerabilities *

Hackers Targeting Solana Cryptocurrency Owners via Fake Phantom Security Update *

Dark Web Carding Market BidenCash Leaks Details of 1.2 Million Stolen Credit Cards *

Source Code of Intel Alder Lake's UEFI Firmware has been Leaked *

Callback Scammers Strengthen their Social Engineering Techniques *

Taiwanese Chipmaker 'ADATA' Denies RansomHouse's Recent Data Breach Claims *

Fortinet Patches Critical Auth Bypass Flaw in FortiGate Firewalls and FortiProxy Web Proxies *

Threat Actors Actively Exploiting a Zero-Day RCE Vulnerability in Zimbra Collaboration Suite *

Eternity Hackers Group Offering New LilithBot Malware-as-a-Service Via Telegram Channel *

Newly Patched macOS Archive Utility Vulnerability Details Released *

Telstra's Third-Party Platform Suffers a Breach Exposing its Employee Information *

A New Bug found in Linux Kernel 5.19.12, Which Damages Intel Laptop Displays *

Hackers Breach the Tucson City's Network and Stolen the Information of Over 125,000 People *

Researchers Discovered New 'Maggie' Backdoor Targeted Several Microsoft SQL Servers *

Consumer Banking Company Chase Bank Suffers Outage which Affects UK Customers *

Live Chat App Comm100 Trojanized to Spread Malware in Supply Chain Attack *

US Alert: Hackers Using New Custom Malware to Steal Data from US Defense Organization *

Hackers Injecting Malicious JavaScript on Scammer's Crypto Sites to Steal Crypto Funds *

A Popular Chinese-language YouTube Channel found Distributing Malicious Tor Browser Installer *

A High-severity Vulnerability in Packagist PHP Repository could Lead to Supply Chain Attack *

Cheerscrypt a Linux-Based Ransomware Linked to Chinese Hackers *

Researchers Warn Microsoft Exchange Zero-Day Mitigation can be Bypassed for On-premise Servers *

Hackers Selling Fake Microsoft Exchange ProxyNotShell Exploits on GitHub *

BlackCat Added NJVC to its Data Leak Site *

Threat Actors Abusing Web Browser App Mode to Create Desktop Phishing Pages *

After Data Leak, Retail Chain 'DNS' Confirmed Data Breach *

CISA Adds Critical Bitbucket Server and Microsoft Exchange Vulnerabilities to Known Exploited Vulnerabilities (KEV) Catalog *

Hackers Exploiting Vulnerable WordPress Websites to Inject SolarMarker Malware *

Unknown Attacker Hacked Shangri-La Hotel Group's Customer Database *

Researchers Discovered Several Fake LinkedIn Profiles for CISOs of Large Organizations *

Cisco Fixed Several High-Severity Vulnerabilities in its Networking Software *

Lazarus Attackers Using New BYOVD Technique in Cyberattacks *

Scammers Dropping Cobalt Strike Beacons via Fake US Govt Job Offers *

Microsoft Confirms New Exchange Zero-Day Flaws are Being Exploited in Wild *

Microsoft Discovered Lazarus Hackers Weaponizing Open-Source Software *

Indian Government Swachh City Platform Suffers Data Breach *

Researchers Discovered New Zero-Day Vulnerabilities in Microsoft Exchange Being Actively Exploited in Attacks *

Hackers Using New Malware to Backdoor VMware ESXi Servers *

Hackers are Exploiting Ethernet VLAN Stacking Flaws to Launch DoS, MiTM attacks *

Researchers Uncovered New Secret Attack Campaign Targeting Military Contractor Companies *

World's Leading Business Media Brand Fast Company Hacked by Attackers *

New Chaos Malware Launches DDoS Attacks on Windows and Linux Devices *

The Internal Revenue Service Warned American about Huge Rise in Smishing Attacks *

Cybercriminals Distributing macOS Malware via Lucrative Job Offers Impersonating Crypto.com *

Optus Suffers a Breach Leading to Release of 10,200 Customer Records *

NullMixer Malware Distributed via Malicious Websites Mimicking Cracked Software *

Hackers Distributing Graphite Malware Using New Code Execution Technique *

New Info-stealing Malware Erbium Target Popular Video Games Via Fake Cracks and Cheats *

Tibetan Entities Targeted by Chinese Hacker using New LOWZERO Backdoor *

WhatsApp Patched 2 Major Zero-Day Bugs that Affect Both iOS and Android Versions *

Researchers Found 'Scylla' Ad-fraud Campaign on Google Play Store and Apple Store *

An Attack Targeting Universities, Telcos, and ISPs is Discovered by Researchers *

Android Users Targeted with Info-stealing Malware Via Fake Indian Banking Rewards Apps *

Several npm Packages Published by Crypto Exchanges have been Compromised *

Microsoft Patched Spoofing Vulnerability in Microsoft Endpoint Configuration Manager *

Microsoft SQL Servers Targeted in New TargetCompany Ransomware Attacks *

A New RCE Firewall Bug Exploited by Attackers in Sophos Firewall; Hotfix Available *

A Worldwide Outage Affects YouTube Live Streams *

GitHub Users Targeted with New Phishing Campaign *

Threat Actors Actively Exploiting Critical Magento Vulnerability *

Threat Actor Hacked Microsoft Exchange Servers to Spread Phishing Campaign *

CISA adds Critical ManageEngine RCE Bug to its Known Exploited Vulnerabilities Catalog *

Threat Actors Using LinkedIn Smart Links to Evade Detection in Phishing Campaign *

Over 39,000 Unauthenticated Redis Servers are Exposed to the Internet *

CISA Warns of Multiple Vulnerabilities Detected in the Dataprobe's Power Distribution Units *

15-year Old Python Vulnerability Affects more than 350,000 Open-source Repositories *

Oracle Addressed a Critical Vulnerability in its Cloud Infrastructure *

Hackers Steal $162 Million Worth of Digital Assets from Crypto Trading Firm Wintermute *

Attackers Hacked 2K Game's Support Platform to Infect Players with Malware *

Security Company Imperva Stopped a Long-lasting 25.3 Billion Request DDoS Attack *

Hive Ransomware Claimed Responsibility for Cyberattack on New York Racing Association *

Attack on Financial Technology Company Revolut Exposes 50,000 Users' Data *

Microsoft and VMware Alert on Chromeloader Malware Campaign *

U.S. Government Agencies Targeted with Better-Crafted Lures in Phishing Attacks *

American Airlines Suffered a Data Breach Exposing Employee and Customer Data *

Uber Accuses Contractor for Breach, Claims Lapsus$ Threat Group Behind the Cyberattack *

LastPass's Development Systems were Accessed for Four Days in a Data Breach *

Hacker Claims to have Stolen GTA 5 and 6 Source Code and Assets *

Security Researchers Found New Attacks of Notorious Hacking Group TeamTNT *

North Korean Attackers Targeted Media Companies with Malicious PuTTY SSH Client *

BlackCat and Quantum Ransomware Groups Using Emotet Malware to Deploy Payloads *

A Ransomware Attack Results in a Data Breach at New York Ambulance Service *

A Hacker Sells the Personal Information of 219,000 Starbucks Customers in Singapore *

Organizations Must Patch Stuxnet Vulnerabilities, Says CISA *

Uber's Internal Systems Breached Exposing Vulnerabilities Reports *

Threat Actors Distributing New Malware Bundle via YouTube *

Akamai Mitigates Another Record-Breaking DDoS Attack in Europe *

Hive Ransomware Takes Responsibility for the Attack Against Bell Technical Solutions *

Phishing Campaign Targeting Greek Taxpayers to Steal Victims' Passwords *

Scammers Using Queen’s Death to Steal Users' Microsoft Credentials in Phishing Attacks *

Lenovo Addressed Several BIOS Vulnerabilities in September 2022 Security Updates *

FBI Warns on Hackers Targeting Healthcare Payment Processors *

Hackers Target Nuclear and Genome Researchers Via Multi-Persona Impersonation Phishing Technique *

Hackers Compromise Software Provider Magento's in a Supply Chain Attack *

Cyber Espionage Attacks Targeting Asian Governments and Organizations *

WPGateway Zero-Day Vulnerability Actively Exploited in the Wild *

Apex One RCE Vulnerability is Actively Exploited, Warns Trend Micro *

Microsoft Patch Tuesday Security Advisory - September 2022 *

Lorenz Ransomware Gang Exploiting Mitel MiVoice VOIP Appliance Vulnerability *

Hacktivist Gang GhostSec Claims Responsibility for Compromising 55 Berghof PLCs in Israel *

Researchers Discovered New Android Banking Trojan 'Zanubis' Targeting Peru Banks *

Steam Community User Accounts are being Stolen Via New Browser-in-the-Browser Attacks *

Apple Addressed Actively Exploited Zero-Day Vulnerability in its Security Updates *

American Rental Company U-Haul Confirms Data Breach, Exposed Customers' Driving License Information *

Ransomware Developers Adopting a New Encryption Technique to Evade Detection *

Six High-Severity HP Firmware Vulnerabilities Left Unpatched For Over a Year *

Admins are Urged to Patch a High-Severity Vulnerability in ConnectWise Automate Tool *

The Lampion Malware Abusing File Sharing Service WeTransfer in Phishing Attacks *

Albania Hit by Another Cyberattack, Blamed on Iran *

5 Million Attacks Blocked Targeting Zero-Day in BackupBuddy WordPress Plugin *

Bumblebee Malware Now Using New Stealthy Infection Technique *

New Attack Technique GIFShell Used to Create Reverse Shell Using Microsoft Teams GIFs *

North Korean APT Group Lazarus Targets U.S. Energy Sector *

Iranian Threat Group DEV-0270 Abusing BitLocker Feature to Encrypt Windows Systems *

The Armed Forces General Staff Agency of Portugal Suffers a Cyberattack *

Threat Actors Found Utilizing PowerShell Empire After Initial Compromise *

New Moisha Ransomware Actively Targeting Several Organizations *

Attackers Hacked 200,000 The North Face Accounts in Credential Stuffing Attack *

Threat Group APT42 Distributing a Custom Android Spyware via SMS Phishing Campaigns *

Cisco Refuses to Patch Zero-Day Vulnerability in EoL Routers *

HP Patches a High Severity Flaw in its Support Assistant Tool *

New Linux Malware Shikitega Evade Detection Via Multi-Stage Deployment *

Ransomware Attack Hits Second Largest U.S. School District Los Angeles Unified *

Mirai Variant Moobot Botnet Targeting Vulnerable D-Link Routers *

InterContinental Hotels Group Hit by Cyberattack Disrupts IT Systems *

Zyxel Addressed a New Critical RCE Vulnerability in NAS Firmware Security Updates *

Ransomware Attackers Abusing Genshin Impact Game's Anti-Cheat Driver to Kill Antivirus *

EvilProxy Phishing Toolkit Allows Hackers to Steal Authentication Tokens to Bypass MFA *

TikTok Denies Security Breach Claims, Stating the Leaked Data is Unrelated *

QNAP Fixes a Photo Station Zero-Day Vulnerability Leveraged in Deadbolt Ransomware Attacks *

Italy’s Energy Sector Hit by BlackCat Ransomware Group *

NFL's San Francisco 49ers Confirms Data Breach; Information of 20K People Stolen *

French Clothing Store, Damart Hit by Hive Ransomware; $2 Million Ransom Demanded *

The SharkBot Malware Strikes Back to Steal Login Credentials *

Threat Actors Stole Victim Data with Prynt Stealer's Backdoor *

Internal Revenue Service Accidentally Leaked Personal Information of 120,000 Taxpayers *

Google Chrome Emergency Update Patches New Zero-Day Vulnerability *

Samsung Suffers Data Breach; Users Personal Data Leaked *

Chilean Government Agency Hit by a New Ransomware Attack *

New Instagram Phishing Campaign Targets Thousands of Accounts Via Blue-Badge Offer *

Over 1,000 iOS Applications Detected Exposing AWS Credentials *

Famous Social Media Platform Twitter Suffers Outage, Thousands of Users Reported Connection Problems *

Ragnar Locker Ransomware Gang Claims Cyberattack Against TAP Air Portugal Airline *

Malicious Google Chrome Web Browser Extensions were Downloaded by 1.4 Million Users *

A TikTok Android App Vulnerability Enable Hackers to Hijack Accounts *

New Bug in Google Chrome Lets Websites Write to Clipboard Without User Approval *

Apple Fixed an Actively Exploited iOS Zero-Day Vulnerability in Older iPhone Models *

Microsoft Azure Outage Knocks Ubuntu Virtual Machines Offline Globally *

Russian Streaming Platform START Discloses Data Breach *

Threat Actors Hide Malware in the Images of the James Webb Telescope *

Chinese Threat Actors Actively Targeting Australian Government Via ScanBox Malware *

New Golang-based 'Agenda' Ransomware Targeting Healthcare and Education Entities *

Vodafone Idea Denies Data Breach Exposing Call Data of 20 Million Customers *

Baker & Taylor the Largest Library Solution Distribution Firm Hit by Ransomware Attack *

2.5 Million U.S Students Loan Accounts Details Exposed in Nelnet Data Breach *

Akasa Air's Data Breach Exposes Passengers' Personal Information *

Russian Attackers Employing New Malware to Hijack ADFS *

Iranian Hackers Leveraging Log4j 2 Vulnerabilities in Attacks Against Israeli Entities *

CISA Added 10 New Actively Exploited Vulnerabilities to its Catalog *

Threat Actors Exfiltrated LastPass Source Code Using a Compromised Developer Account *

The DoorDash Service Reveals a New Data Breach Linked to Twilio Hack *

Threat Actors Using the Fake "Cthulhu World" P2E Project to Spread Malware that Steals Data *

A Critical RCE Vulnerability Discovered in Atlassian Bitbucket Server *

A Database Leak in India Exposed Federal Police and Banking Records *

Researchers Identified that Over 130 Entities Hit by Okta Phishing Attack *

Canadian Manufacturing Company Bombardier Recreational Products (BRP) Hit by Cyberattack *

Phishing Campaign Targets PyPI Maintainers Leading to Hijacking of PyPI Packages *

Cisco Fixes Two High Severity Vulnerabilities Affecting its Nexus-Series Business Switches *

Mozilla Fixes Several Vulnerabilities in Firefox and Thunderbird Products *

New Evil PLC Attack Weaponizes PLCs to Hack OT and Enterprise Networks *

Researchers Found New BEC Campaign Using MITM Attack to Monitor Microsoft 365 Accounts *

Plex Alerts Users to Reset Passwords After Detecting a Data Breach *

IBM Fixes High-Severity Vulnerabilities in its MQ Messaging Middleware *

Dominican Republic's Government Agency Suffers Quantum Ransomware Attack *

Researchers Reveal 8-Year-Old Vulnerability DirtyCred Found in Linux Kernel *

Google Researchers Identified Iranian Hackers Using a New Tool to Steal Victims’ Email Data *

France Hospital Hit by a Ransomware Attack Demanded $10 Million Dollar Ransom *

Attackers Targeted Hotel and Travel Firms Via Phishing Campaigns *

Greek Natural Gas Operator DESFA Hit by Cyberattack *

GitLab Patches a Critical RCE Vulnerability Impacting its Community and Enterprise Edition *

Researchers Find RTLS Systems Vulnerable to MiTM Attacks and Location Tampering *

Scammers used Compromised PayPal Account to send Phishing Invoice Mail to PayPal Users *

Novant Health Disclosed Data Breach; Impacts 1.3 Million Patient Records *

Researchers Discovered New 'Escanor' Malware Weaponized in Microsoft Office and Adobe PDF Documents *

Grandoreiro Banking Malware Spotted Targeting Spanish and Mexican Manufacturer Employees *

CISA Warned About a Critical SAP Vulnerability Exploited in the Wild *

Researchers Detected 241 NPM and Python Packages Drop Cryptominers on Linux Systems *

Attackers Infecting Vulnerable WordPress Websites to Deliver RAT and Trojan Malware *

FBI Alert: Attackers Using Proxy and Configurations in Credential Stuffing Attacks *

Attackers Compromised General Bytes Bitcoin ATM Servers Using a Zero-Day Flaw *

Chinese APT41 Group Targeted 13 Entities Worldwide in 2021 *

Amazon Fixes a High-Severity Flaw in its Ring Application *

Cozy Bear Attackers Actively Targeting Microsoft 365 Users *

Researchers Describe Evasive DarkTortilla Crypter Used to Deliver Malware *

Threat Actors Employing Bumblebee Malware Loader to Compromise Active Directory *

Cisco Fixes a High Severity Vulnerability in Secure Web Appliance *

Google Blocked the Largest HTTPS DDoS Attack of All Time *

A New MailChimp Data Breach Exposing DigitalOcean Customers' Email Addresses *

North Korean Attackers Infecting Job Seekers with macOS Malware *

Malicious Browser Extensions Downloaded by More than 7 Million People Since 2020 *

Google Released Security Update to Address a Zero-Day Flaw in Chrome Browser *

Apple Patches Two Actively Exploited Vulnerabilities in iPhone, iPad, and macOS Security Updates *

Clop Ransomware Gang Breaches UK Water Supply Company But Misattributes the Victim *

BharatPay Suffers Data Breach Exposing 37,000 Users’ Personal and Transaction Details Online *

Hacker Loots 20,000 Items Worth $6 Million from CS:GO Trading Site *

Researchers Detected AEPIC Leak and SQUIP Bugs in Intel and AMD Processors *

Twilio Data Breach Exposed Phone Numbers of 1,900 Signal Users *

Behavioral Health Group Notifies Customers of Data Breach Affecting 198K Patients *

Malicious PyPi Packages Targeting Counter-Strike Servers with DDOS Attacks *

Argentina's Judiciary of Cordoba Suffers Play Ransomware Attack *

Security Researchers Disclosed a Security Flaw in Microsoft Signed UEFI Boot Loaders *

A New SOVA Malware Variant Now Encrypts Android Files *

Realtek eCos SDK Vulnerability Expose Multiple Routers to Remote Attacks *

CISA and FBI Alerts on Zeppelin Ransomware Attacks *

VLC Media Player Banned in India, Website and Download Link Blocked *

A Malicious MiMi Chat App Drops New Backdoor rshell on Mac, Linux Systems *

Researchers Detected Security Flaws in Xiaomi Smartphones Powered by MediaTek Chips *

Scammers Abusing Google Sites and Microsoft Azure Web App to Steal Cryptocurrency Wallets *

Zimbra Authentication Bypass Vulnerability Actively Exploited to Breach Over 1000 Email Servers *

Security Researchers Identified Critical Bugs in Device42 IT Asset Management Platform *

A Threat Actor Employs a New RAT Malware in Cuba Ransomware Operation *

Cisco Confirms Yanluowang Ransomware Group Breached its Network in May,2022 *

Cybersecurity Firm Detects Vulnerabilities in Indian Insurance Company Policybazaar *

Cisco Patched a Vulnerability which Allowed to Steal RSA Private Keys on ASA, FTD Devices *

Microsoft Linked Service Outage to Cisco Meraki Firewall's IDR False Positive Alert *

Palo Alto Networks Fixed a Security Vulnerability Detected in PAN-OS Firewall Configuration *

IBM Fixes Several Vulnerabilities in Cloud, Voice, Other Security Products *

CheckPoint Researchers Discovered Ten Malicious Python Packages Steal Developer's Credentials *

CISA Alerts Administrators on Windows and UnRAR Vulnerabilities Exploited in the Wild *

Cloudflare Also Hit by Threat Actors Responsible for Twilio Data Breach *

New Android Spyware 'Dracarys' is Distributed via Fake Signal Messaging App *

Microsoft Patch Tuesday Security Advisory - August 2022 *

Chinese Attackers Employed a New Malware to Backdoor Government and Defense Organizations *

Cloud Communications Company Twilio Discloses a Data Breach *

New Orchard Botnet Utilized Bitcoin Founder’s Account Information to Create Malicious Domains *

Email Marketing Firm Klaviyo Suffers a Data Breach *

Multinational Retail Company 7-Eleven Suffers a Cyberattack Forced to Close All Stores in Denmark *

Threat Actors Abused Hostinger’s Preview Domain Feature in Phishing Attacks *

F5 Addressed 21 Vulnerabilities in its Quarterly Security Updates *

North Korean Attackers Impersonating World's Largest Cryptocurrency Firm Coinbase to Target Fintech Industry *

Hackers Abused Snapchat and American Express Websites in Phishing Attacks *

A New Ransomware 'GwisinLocker' Encrypts Vulnerable ESXi Servers *

Slack Resets Users Passwords After a Bug Exposed Hashed Passwords *

Akamai Reports Largest Ever DDoS Attack, with 659.6 Million Packets per Second *

Cyberattack on UK Managed Service Provider Causes NHS Outage *

A Zero-Day Bug Exposes 5.4 Million Twitter Accounts *

The Association of German Chambers of Industry and Commerce (DIHK) Hit by a Cyberattack *

Over 280 Million Indian Citizens' Sensitive Data Exposed Online *

CISA Urges Users to Patch Vulnerable Zimbra Email Suites *

Community Healthcare "First Choice" Impacted by a Data Breach *

New Phishing Campaign Targeting Microsoft Email Services to Launch BEC Attacks *

Researchers Detected a Critical Vulnerability Affects 29 Models of DrayTek Vigor Routers *

Vulnerability in WordPress's Download Manager Plugin Hosted on Over 100,000 Sites has been Fixed *

Researchers Detected a New 'ParseThru' Flaw Impacts Golang-Based Applications *

NVIDIA fixed several Security Flaws in GeForce Security Update *

Google Addressed Multiple Security Vulnerabilities in Chrome Browser Updates *

Cisco Patches Critical Security Vulnerabilities in its VPN Routers *

CERT-In Identifies High Severity Vulnerabilities in Mac, iPhone, iPad, ChromeOS and Firefox Browser *

Attackers Stolen Wiseasy’s Employee Passwords to Access Nearly 140,000 Wiseasy Payment Terminals *

VMware Fixed a Critical Authentication Bypass Vulnerability Affecting its Multiple Products *

Taiwanese Websites Suffers DDoS Attacks Ahead of House Speaker Nancy Pelosi's Visit *

Google Released its Android OS Security Bulletin August 2022 *

A Major German Semiconductor Manufacturer Semikron Suffers Ransomware Attack *

Vulnerable GitHub Actions Workflow Allows Command Execution *

Over 3,200 Apps Leak Twitter API Keys Allow Hackers to Hijack Users' Twitter Accounts *

Security Researchers Detected a Directory Traversal Arbitrary File Deletion Flaw in CompleteFTP Software *

Cybersecurity Firm Halborn Warns of New MetaMask Phishing Campaign *

Microsoft Notifies About Outlook Crashing When Reading Uber Receipt Mails *

European Natural Gas Pipeline Operator 'Creos Luxembourg' Hit by BlackCat Ransomware Attack *

Subzero Malware Exploiting Windows and Adobe Vulnerabilities *

North Korean Threat Actor Deploying Malicious Browser Extensions to Spy on Email Accounts *

A Security Researcher Detected XSS Bugs in Google Cloud, DevSite, and Google Play *

LockBit Ransomware Hackers Abusing Windows Defender to Side-Load Cobalt Strike *

Researchers Discovered Giant Network of 11,000 Fake Investment Sites Targeting Europe *

OneTouchPoint Suffers a Data Breach Affecting 30 Healthcare Entities *

Android Adware Apps are being promoted by Facebook Ads *

Federal Communications Commission warned Americans about increasing Smishing Attacks *

Malicious Android Apps are Dropping Banking Malware on User Devices via Google Play Store *

LibreOffice addresses Multiple Security Vulnerabilities *

Microsoft 365 Suffers an Outage Impacting North American Admin Center *

Threat Actors Using Hacked Microsoft SQL Servers as Proxies to Steal Bandwidth *

Hackers Stealing Discord Users’ Payment Card Info Using Malicious npm Packages *

Cloud Services Have Been Disabled by a Kansas MSP to Fend Off Cyberattack *

Hackers Exploiting Nuki Smart Lock Vulnerabilities to Open Doors *

New ‘Robin Banks’ Phishing Service Targeting Customers of Financial Organizations *

Threat Actors Hacking Microsoft Exchange Servers with IIS Backdoors *

New Phishing Campaign ‘Ducktail' Aimed at Professionals on LinkedIn *

Hackers Employ Malware and Adware to Infect 28 Google Play Store Apps *

Threat Actors Hack Blockchain Music Platform 'Audius'; $6 million Stolen *

Hackers Employing WebAssembly-Coded Cryptominers to Avoid Detection *

New Version of Amadey Malware Distributed in SmokeLoader Campaign Via Software Cracks *

Hackers Leveraging GoMet Backdoor to Target an Ukrainian Software Company *

FileWave MDM Vulnerabilities Expose 1,000 Organizations to Remote Attacks *

Researchers Found CosmicStrand UEFI Malware in Gigabyte and ASUS Motherboards *

A Zero-Day Vulnerability in PrestaShop is Being Actively Exploited to Steal Customer's Payment Information *

Policybazaar Confirms a Network Breach in its IT Systems *

Atlassian Fixed Critical Bug Enables Hackers to login Unpatched Confluence and Data Center Servers *

Attackers Using DLL Side-Loading Technique to Drop QBot Malware on User Systems *

Zyxel Releases Security Patches to Fix Vulnerabilities in its Firewall Products *

Fraudsters Targeting Punjab State Power Corporation Limited (PSPCL) Consumers in New Online Scam *

A Threat Actor 'Devil' claimed to have stolen Account Data of 5.4 million Twitter Users *

Russian Attackers Breach Ukrainian Media Company TAVR Media to Spread Fake News About President Volodymyr Zelenskiy *

Konni RAT Malware is Used by North Korean Hackers to Attack European Nations *

SonicWall Immediately Patches a Critical SQL Injection Vulnerability *

Hackers Employing New ‘Lightning Framework’ Linux Malware to Install Backdoors and Rootkits *

Hackers Leveraged High-Severity Google Chrome Bug to Infect Journalists *

Cryptomining Group '8220 Gang' targeting Linux and Cloud Application Vulnerabilities *

Rouge ‘YouTube’ Google Advertisement Redirect Users to Windows Support Scams *

Oracle Addresses 349 New Security Vulnerabilities in its July 2022 Critical Patch Update *

Apple Addressed Multiple Security Vulnerabilities in its All Devices *

A New CloudMensis Spyware Targeting Apple macOS Users *

A New Cryptocurrency Scam Swindle Users Via Fake Nvidia Giveaway *

Russian SVR Attackers Employing Google Drive Cloud Services to Evade Detection *

Belgium Claims Chinese Threat Groups Targeting its Ministry of Defense and Interior Ministries *

Attackers Steal 50,000 Payment Card Details from 300 U.S. Restaurants in Web-Skimming Campaigns *

German-Based Giant Building Materials Producer Knauf Hit by Black Basta Ransomware Attack *

FBI Alerts of Fraudulent Cryptocurrency Apps used to trick U.S. Investors *

Flipkart owned Cleartrip Suffers Data Breach *

Albania Government Hit by a Massive Cyberattack Forced to Shut Down Websites and Online Services *

Windows Network File System Vulnerability Leads to Arbitrary Code Execution *

The Infamous Pegasus Spyware Infected Thailand Pro-Democracy Activists' Smartphones *

Threat Actors Comproised Popular Premint NFT Website and Stolen Nearly $375k Worth of NFTs *

Israel's Health Ministry Website Hit by a Cyberattack Prevented Access to Users from Abroad *

Microsoft 365 Service Outage Impacts Outlook and Exchange Online *

The Qakbot Trojan Malware Increased its Infection Rate with New Techniques *

Juniper Fixes Critical Vulnerabilities in Junos OS and Contrail Networking Products *

Attackers Spoofing GitHub Commit Metadata to Mask Malicious GitHub Repositories *

Colorado Springs Utilities Issued Warning to Customers After Identifying a Data Breach *

Researchers Detected a New Netwrix Auditor Flaw which Enables Hackers to Compromise Active Directory Environment *

Researchers Disclose Use-after-free Condition in Google Chrome WebGPU *

Threat Actors Using Digium Phone Software To Actively Exploit VoIP Servers *

Threat Actors Actively Exploiting Modern WPBakery Page Builder Addons Vulnerability *

Threat Actors Targeting Industrial Operators Using Trojan Horse Malware and Password Cracking Ecosystem *

DDoS Attacks by the Mantis Botnet Hit Hundreds of Cloudflare Users *

Microsoft Attributed Holy Ghost Ransomware Operation to North Korean Attackers *

Pakistani Hackers Targeting Indian Students in a New Spear-Phishing Email Campaign *

Hackers Targeting PayPal Users Using Phishing Kit Installed on Hacked WordPress Sites *

Nation-State Hacking Groups Targeting Journalists in Espionage and Malware Campaign *

New Retbleed Speculative Execution Attacks Impacts Intel and AMD Processors *

Famous Social Media Site, Twitter Suffers Outage; Prevented Users from Posting Tweets *

SAP Fixed Multiple Security Vulnerabilities in its July 2022 Security Patch Day *

Lenovo Fixes Three UEFI Firmware Security Flaws Impacting more than 70 Product Models *

Bandai Namco Confirmed the Cyberattack and Investigating Data Leak *

Lithuanian Energy Company 'Ignitis Group' Hit by DDOS Attack *

Researcher Detected a New Android Malware 'Autolycos' on Google Play Store, Downloaded 3 Million Times *

Uniswap Lost $8 Million Worth of Ethereum Crypto in Large-Scale Phishing Attack *

Microsoft Uncovered the Exploit Code for macOS Sandbox Escape Vulnerability *

New Data Extortion Group 'Luna Moth' Breaching Organizations Via Fake Subscription Renewals *

Microsoft Detected AiTM Phishing Campaign Targeting Over 10,000 Entities Since 2021 *

Malaysia and Indonesia Hackers Launch Cyber War Against Indian Entities Due to Nupur Sharma's Controversial Comments *

The New York Department of Motor Vehicles (DMV) Warned of Smishing Attacks *

Siemens and Schneider Electric Addressed Several Flaws in its ICS Products *

VMware Fixes Eight-Month-Old High Severity Vulnerability in vCenter Server *

CISA Urges Federal Agencies to patch the new Windows High-Severity Vulnerability *

Adobe Fixes Critical Vulnerabilities in its Acrobat, Reader, Photoshop Products *

Microsoft Patch Tuesday Security Advisory - July 2022 *

North Korean Hackers Stole $620 Million from Axie Infinity in Spear-Phishing Attack *

India’s Central Public Works Department (CPWD) Experiencing Targeted Cyberattacks Across its Offices *

Scammers Started Phishing Campaign Targeting Amazon Prime Day-Shoppers *

Attackers Leveraging Azure VMs and GitHub Actions for Cloud-Based Cryptocurrency Mining *

A Rolling-PWN Vulnerability Enables Attackers to Start Honda Vehicle Remotely *

Hackers Disguise as Cybersecurity Companies to Trick Victims into Installing Malware *

Attackers Compromised Goa’s Water Resource Department (WRD) Server and Demanded Cryptocurrency as Ransom *

New 0mega Ransomware Gang Targeting Organizations in Double-Extortion Attacks *

A New Phishing Campaign Leveraging Follina Vulnerability to Deploy Rozena Backdoor *

Hackers Targeting Russian Users by Employing a Malicious Browser Extension *

Cisco Fixes a Critical Vulnerability in its Enterprise Communication Solutions *

Fortinet Addressed Several Security Vulnerabilities in its Multiple Products *

Mangatoon Data Breach Exposed 23 Million Accounts Information *

Microsoft Patched a Flaw Crashing Office Apps While Opening with Cloud Documents *

A Canadian Communications Firm Rogers Suffers Massive Outage Affecting Mobile Service *

New Stealthy OrBit Malware Harvesting Information from Linux Systems *

Hackers Sending Fake Copyright Complaint Emails to Deploy IcedID Banking Malware *

Hackers can Exploit Online Programming Learning Websites to Launch Remote Cyberattacks *

CuteBoi Threat Group Deploys Over 1,200 NPM Malicious Packages in Large-Scale Cryptomining Campaign *

Checkmate Ransomware Attacks Targeting QNAP NAS Devices Exposed to Internet *

Hacking and Ransomware Groups Switch from Cobalt Strike to Brute Ratel Post-Exploitation Toolkit *

Bitter APT Threat Group Still Targeting Bangladesh Military Entities *

Federal Agencies Alerted on Maui Ransomware Attacks Targeting Healthcare Entities *

OpenSSL Patches a High Severity Vulnerability in Cryptographic Library *

North American Giant IT Service Provider 'SHI' Hit by a Potential Malware Attack *

Marriott Hotels Suffers a Data Breach that Exposed 20 GB of Guests Information *

USA Professional Finance Company Suffers Data Breach Affecting Patients of 650 Healthcare Providers *

Microsoft Silently Patches the ShadowCoerce Windows NTLM Relay Vulnerability *

NPM Supply Chain Attack Employed Typosquatting Technique to Launch Supply Chain Attack *

New RedAlert Ransomware Gang Targeting Windows and Linux VMware ESXi Servers *

UK Army's YouTube and Twitter Account Hacked to Promote Crypto Scams *

Google Patches An Actively Exploited New Chrome Zero-Day Vulnerability *

Django Patches A High Severity SQL Injection Vulnerability in its New Release *

One Billion Chinese Citizens' Stolen Data is Being Sold by Hackers for Bitcoins *

Jenkins Revealed Several Zero-Day Vulnerabilities in its Multiple Plugins *

Several Flaws in Brocade SANnav Storage Area Network (SAN) Affects Multiple Major Entities *

Evilnum APT Group Makes Comeback with Updated TTPs, Targeting Fintech Entities *

Microsoft Warns of Raspberry Robin Worm Infecting Hundreds of Windows Networks Via Infected USB Drives *

A Cyberattack Over Geographical Solutions Inc. (GSI) Disrupted Unemployment Services Across the United States *

Hackers Sent Fake Suspension Notices to Verified Twitter Accounts *

Google Alerts Users about Slice Payments App which Steals Photos, Audio Records, and Call Histories *

RCE Exploit Discovered in Zoho Manage Engine AD Audit Plus Bug *

A XFiles Info-Stealing Malware Now Leveraging Follina Vulnerability in Cyberattacks *

Toll Fraud Malware Targets Android Devices by Automatically Subscribing to Premium Services *

NFT Giant OpenSea Reports Data Breach and Warned Users of Phishing Attacks *

Macmillan Publishers Suffers a Ransomware Attack; Forced to Shut Down Network *

Norway's Government Websites Suffers Multiple DDoS Attacks *

Attackers Employing New Stealthy Malware to Backdoor Microsoft Exchange Servers Worldwide *

A New Info-Stealer 'YTStealer' Targets YouTube Content Creators to Steal Authentication Tokens *

MITRE Published Top 25 Most Dangerous Software Bugs List of 2022 *

Walmart Denies Yanluowang Ransomware Attack *

CISA Urged Administrators to Patch High-Severity Linux PwnKit Vulnerability *

Microsoft Patches Azure FabricScape Vulnerability Enable Hackers to Hijack Vulnerable Linux Clusters *

Amazon Patches High Severity Security Flaw in its Android Photos Application *

A Famous Raccoon Stealer Malware Returned With New Malicious Capabilities *

Researchers Found Over 900,000 Internet-Exposed Kubernetes Instances Vulnerable to Data-Exposing Cyberattacks *

Hackers Reused Same Compromised Account Credentials of Zola Website to Gain Access to User Accounts *

Threat Actors Installing New 'ZuoRAT' Malware on Unpatched SOHO Routers *

Microsoft Released Windows 10 KB5014666 Cumulative Update Include Several Bugs Fixes and New Printing Features *

American Famous Semiconductor Company AMD Investigating RansomHouse Data Theft Claims *

Unknown Threat Actor Installed Credit Card Skimmers on Bank of the West's ATMs *

A New Android Banking Malware 'Revive' Masquerades BBVA Bank’s 2FA Application *

Chinese APT Group Compromising Building Automation Systems by Leveraging Microsoft ProxyLogon Vulnerability *

The National Institute of Standards and Technology (NIST) Issues New Guidance on Securing macOS Systems *

A Cyberattack Hit Iran’s Major Steel Companies and Forced to Stop Factory Production *

The Vice Society Ransomware Group Claims Responsibility of Attack on Medical University of Innsbruck *

A New Phishing Technique Uses Microsoft WebView2 Apps to Bypass Multi-Factor Authentication *

LockBit Ransomware Gang Infecting Users Via Fake Copyright Violation Emails *

U.S. Federal Trade Commission Warns on Extortionists Targeting LGBTQ+ Community *

Microsoft Downplays High Severity Vulnerabilities in Edge Web Browser, Affecting Over 150 Million Users *

Fast Shop, a Brazilian Retailer, Disclosed a Cyberattack Involving Extortion *

Cybercriminals leveraging Mitel Zero Day to Launch Suspected Ransomware Attack *

Malicious PyPi Python Packages Sending stolen AWS keys to Unsecured Websites *

A Japan Based Automotive Fabrics Distributor TB Kawashima Confirmed on a Cyberattack *

ISGEC Heavy Engineering Limited data is Encrypted by Hackers and They Demand Bitcoin to Decrypt It *

Automotive Hose Maker Nichirin's USA Based Subsidiary Suffers Ransomware Attack *

CISA Warns on Threat Actors Leveraging Log4Shell Vulnerability to Hack VMware Servers *

New Quantum Builder Enable Attackers to Easily Launch Malicious Windows 'LNK' Attacks *

A New Phishing Campaign Targeting Microsoft 365 Users to Steal MetaMask Recovery Phrases *

Vulnerable QNAP NAS Devices are Targeted by DeadBolt Ransomware Attacks *

Italian Spyware Vendor Infects Android and iOS Users with help of Internet Service Providers *

SMA Technologies’ Critical OpCon UNIX Agent Vulnerability Receives A Patch *

Chinese Hacking Group Disguising Cyber Espionage Operation as Ransomware Attacks *

Lithuanian NCSC Warned of an Increase in DDoS Attacks on Government Websites *

Google Fixed 14 Vulnerabilities with the release of Chrome 103 Version *

Chinese Hackers Distributing 'Nimbda' Loader Bundled in 'SMS Bomber' Tool to Install Info-Stealer Trojan Payload *

MEGA Patches Several Critical Vulnerabilities in Encryption Algorithm *

Cloudflare Suffers Massive Outage Caused by Network Configuration Error *

Icefall 56 Vulnerabilities are affecting Operational Technology Devices used in Various Industries *

New APT Group ToddyCat Targets Microsoft Exchange Servers *

Yodel Parcel Company Suffers Cyberattack Disrupting Delivery Services *

Microsoft 365 Service Outage Impacts Microsoft Exchange Online and Teams *

A New Phishing Campaign Steals Microsoft 365 Credentials Via Fake Voicemails *

New DFSCoerce NTLM Relay Attack Enables Attackers to Take Control Over Windows Domain *

RobertHalf, Global HR Firm Warns Users About Credential Stuffing Attack *

Android Banking Trojan BRATA Now Evolving Into Advance Persistence Threat *

A New Surge in ECh0raix Ransomware Attacks Detected Targeting QNAP NAS Devices *

Hackers Dropping Malicious Cobalt Strike Beacons in a New Phishing Campaign *

Cisco Confirmed on not Patching RCE Flaw in Obsolete VPN Routers *

A New 'MaliBot' Android Banking Malware Distributing as Crypto-Mining or Chrome Browser Application *

Researchers Identified Dozen of Flaws in Industrial Network Management System of Siemens *

The United States Department of Justice Dismantled Russian RSocks Botnet Infrastructure *

A Vulnerability in Cisco Appliances Allows Hackers to Bypass Authentication *

WordPress Force-Updated Ninja Forms Plugin Patch on Millions of Websites *

Chinese Hackers Exploited Sophos Firewall Zero-day Bug Weeks Before Official Patch Release *

Africa's Largest Supermarket 'Shoprite Holdings' Hit by Ransomware Attack *

Citrix Fixed Critical ADM Vulnerability in its Security Updates *

New Peer-to-Peer Panchan Botnet Compromised Several Linux Servers in Education Sector *

Public Travis CI API Logs Exposed Thousands of GitHub, AWS, Docker Tokens *

A New Side-Channel Attack 'Hertzbleed' Affects Intel and AMD Processors *

Cloudflare Detects and Mitigates Largest HTTPS DDoS Attack *

Microsoft Fixed Actively Exploited Windows MSDT Zero-Day Vulnerability in its June 2022 Security Updates *

ALPHV Ransomware Group Created a New Technique for Extortion *

Unknown Threat Group Hacked Over 500 Indian Websites, Demanding an Apology to Muslims All Over the World *

Android Adware and Info-stealing Malware Downloaded Over Two Million Times on Google Play Store *

Nonprofit Health Care Company Kaiser Permanente Confirms on Data Breach, Affected Over 69,000 Individuals *

Microsoft Patch Tuesday Security Advisory - June 2022 *

Gallium Hackers Targeting Financial and Government Organizations Using New 'PingPull' Malware *

Attackers Deploying BlackCat Ransomware on Compromised Microsoft Exchange Servers *

Threat Actors Employing a New Linux Rootkit Malware ‘Syslogk’ in Cyberattacks *

A Stealthy Linux Malware 'Symbiote' Targeting Latin American Financial Entities *

Malicious PyPI Package ‘keep’ Contains Password Stealer Due to Typographical Error *

Hello XD Ransomware Group Now Dropping a Backdoor While Encrypting Systems *

New PACMAN Hardware Attack can Bypass Pointer Authentication (PAC) in Mac Systems *

AvosLocker and Cerber2021 Ransomware Gang Actively Targeting Unpatched Atlassian Confluence Servers *

Google Fixed Several Security Vulnerabilities in Chrome Browser Updates *

Iranian Hackers Use DNS Backdoor to Attack Energy Sector *

Hackers Distributing New Info-Stealer Malware Via Pirated CCleaner Pro Software *

Several Botnets Now Exploiting Critical Atlassian Confluence RCE Vulnerability to Deploy Cryptominers *

Researchers Identified a New Chinese-Linked APT Group Spying on Organizations for 10 Years *

The New Advanced Malware 'Symbiote' Infects All Linux Processes and Steal Account Credentials *

Threat Actors Compromised US Online Gun Shops to Steal Customers' Credit Card Details *

Emotet Malware is Now Harvesting Credit Card Information from Google Chrome Browser *

Medical Service Provider 'Shields Health Care Group' Suffers a Data Breach, Exposed Over 2,000,000 People Data *

Google Fixed Several Critical Android Flaws in June 2022 Security Updates *

Hackers Abused Facebook Messenger in Large-Scale Phishing Campaign to Steal Victims' Credentials *

Two Critical U-Boot Vulnerabilities Disclosed in Linux-Based Embedded Systems *

Black Basta Ransomware Strikes Vulnerable VMware ESXi Servers *

Threat Actors Deploying New Malware 'SVCReady' Via Phishing Campaigns *

Chinese Govt Hackers Compromise US Telecommunication Companies to Snoop on Network Traffic *

Black Basta Ransomware Group Employing QBot Malware in their Operations *

Italian City of Palermo Hit by Cyberattack, Impacting Wide Range of Operations and Services *

The LockBit Ransomware Group Claims to Infiltrate Mandiant Company's Network *

Hackers Actively Exploiting Critical Windows Zero-day Vulnerability in a Phishing Campaign *

Sensitive Data of Pharmaceutical Giant 'Novartis' Exposed in a Recent Cyberattack *

WatchDog Hacker Group Mining Crytpocurency in a Newly Launched Cryptojacking Campaign *

The Android Malware 'SMSFactory' Discreetly Subscribes Users to Premium Services *

Hackers Stolen NFTs From the Bored Ape Yacht Club Via Yuga Lab's Discord Server Hack *

GitLab Patches a Critical Account Takeover Vulnerability in its Enterprise Edition *

Malware Controlling Thousands of Sites in the Parrot TDS Network Identified by Researchers *

Chinese Threat Group LuoYu Using WinDealer Malware in Man on the Side Attacks *

Foxconn's Mexico-Based Manufacturing Unit Hit by Ransomware Attack *

Microsoft Suspended Malicious OneDrive Applications Used in Polonium's Attacks *

A New Clipminer Malware Brought its Operators $1.7 Million Via Transaction Hijacking *

Hackers Actively Exploiting New Atlassian Confluence Zero-Day Vulnerability in the Wild *

Attackers Targeted Hundreds of Unsecured Elasticsearch Databases in Ransom Attack *

SideWinder APT Group Creates Fake Android VPN App on Official Google Play Store *

RuneScape-Themed Phishing Campaign Steals Users' Account Details and In-Game Item Bank PIN *

A Zero-Day Vulnerability in Windows Microsoft Office Receives Free Unofficial Patch *

Researchers Found Over 3.6 Million MySQL Servers are Exposed to Public *

Costa Rica’s Public Health Service Network Hit by Hive Ransomware Attack *

Attackers can Hijack WhatsApp Accounts Using Call Forwarding Method *

Chinese APT Hackers Actively Exploiting New Microsoft Office RCE Vulnerability in the Wild *

A New XLoader Botnet Variant Hides its C2 Servers Using Probability Method *

Zoom Released Security Patches to Fix Four Critical Vulnerabilities in its Video Conferencing App *

Cisco Researchers Discovered Several Flaws in Open Automation Software Platform *

Hackers Leveraging a New Microsoft Office Zero-Day Flaw to Run PowerShell Commands *

Austrian Federal State Carinthia Hit by BlackCat Ransomware Gang *

Attackers Employing a New WSL-Based Malware to Steal Web Browser Cookies *

EnemyBot Malware Includes New Exploits for Critical Web Servers, Content Management Systems Vulnerabilities *

FBI: Attackers Marketing Network Access Credentials for U.S. Education Institutions in Hacking Forums *

Security Researchers Released Proof-of-Concept (PoC) Exploit for Critical VMware Flaw *

Microsoft Detected Multiple Security Vulnerabilities in Android Applications *

Threat Actors Stole Around 100,000 NPM User Account Credentials in GitHub OAuth Breach *

Zyxel Fixed Multiple Security Vulnerabilities in its Products *

Windows 11 KB5014019 Patch Affects Trend Micro UMH Driver, Breaking Ransomware Protection *

Scammers Impersonating QuickBooks Support Team in Phishing Attack *

Threat Actor Leveraging Stealthy BPFDoor Malware to Infect Linux and Solaris Systems *

Microsoft Shared Guidelines to Mitigate KrbRelayUp LPE Attacks on Windows Systems *

New Linux-Based Ransomware 'Cheers' Targeting Vulnerable VMware ESXi Servers *

Researchers Detected a Rise in ChromeLoader Malware Infection Rate, Targeting Windows and Mac Systems *

Developers Warned Users to Stop Using Tails 5.0 Linux Distributions Until Next Release *

Popular Python and PHP libraries Compromised to Steal Users' Amazon AWS Keys and Credentials *

Russian Government Agencies Targeted by Fake Windows Updates Campaign *

Researchers Discovered a New Chaos Ransomware Variant *

Trend Micro Fixed a DLL Hijacking Vulnerability in its Security Solution *

Mozilla Fixed Zero-Day Vulnerabilities in its Multiple Products *

Indian Airline SpiceJet Suffers Ransomware Attack, Impacted Flight Departures *

Hackers Targeted Security Researchers with Fake Windows PoC Exploits *

US Car Manufacturer General Motors (GM) Suffers Credential Stuffing Attack, Exposed its Customers Information *

Chinese Twisted Panda APT Group Targets Russian’s Defense Institutes in Espionage Attacks *

A New Unpatched Vulnerability in PayPal Allows Hackers to Steal Money From PayPal Users *

Microsoft Store App Issues are Fixed with Emergency Updates for Windows 10 *

Russian IoT Botnet Fronton Used to Launch Social Media Disinformation Campaigns *

Chicago Public Schools Suffers Massive Data Breach After Ransomware Attack *

Predator Spyware Actively Infecting Android Users in Zero-day Attacks *

Hackers Employing PDF Documents to Drop Snake Keylogger Malware *

Threat Actors Promoting New Cryptocurrency Scam Using Fake Elon Musk YouTube Videos *

Cisco Addressed a Zero-Day Vulnerability in IOS XR Router Software *

Vidar Malware is Distributed via Fake Windows 11 Downloads *

Malicious PyPI Package Drops Backdoors Targets Windows, Linux, and Mac OS *

North Korean Lazarus Hacking Group Leveraging Log4J Vulnerability to Infect VMware Servers *

QNAP Warned Customers on New DeadBolt Ransomware Attack *

Media Giant Nikkei’s Singapore Unit Suffers Ransomware Attack *

Microsoft Detects a Massive Rise in XorDDoS Malware Activity Targeting Linux Devices *

Most Sophisticated BlackCat Ransomware (ALPHV) Gang Targeting Various Organizations *

NVIDIA Addressed Ten Flaws in the Windows GPU Display Drivers *

Microsoft Warns About Brute-Force Attacks Targeting MSSQL Database Servers *

VMware Fixed Critical Vulnerabilities in its Multiple Products *

WordPress Fixed Critical Vulnerabilities in Jupiter Theme and JupiterX Core Plugins *

Over 200 Apps Found Distributing Facestealer Spyware Via Google Play Store *

Millions of Attacks Exploiting Vulnerable WordPress Tatsu Builder Plugin *

Multiple Third-Party Web Trackers Steal User's Entered Data Before Submitting *

CISA Alerts on Actively Exploited Spring And Zyxel Vulnerabilities *

A Custom PowerShell RAT Targeting German Users Looking for Ukraine Crisis Information *

Apple Patches a Zero-Day Vulnerability in its MacOS and Watch Devices *

Manufacturing Firm Parker-Hannifin Discloses Data Breach Post Ransomware Attack *

HTML Attachments Still Used in Phishing Emails as it Avoids Detection *

Sophos Fixes BSODs Flaw in Antivirus Driver Triggered After Windows KB5013943 Update *

CISA Warns May Windows Updates on Domain Controllers *

Fake Pixelmon NFT Site Infect Users with Password-Stealing Malware *

Attackers Promoted Fake Binance NFT Mystery Box Bots on YouTube to Install RedLine Malware *

SonicWall Patches New Vulnerabilities in its SSLVPN SMA1000 Devices *

Pro-Russian Hackers DDoS Italian Govt Sites Via “Slow HTTP” Technique *

Sysrv Botnet Variant is Now Exploiting New Vulnerabilities to Deploy Cryptomining Malware *

Massive WordPress JavaScript Injection Campaign Redirecting Visitors to Malicious Sites *

Zyxel Pacthes Critical Vulnerability in its Firewall Products *

Cobalt Mirage Attackers Using BitLocker and DiskCryptor in Ransomware Attacks *

A Stealthy BPFdoor Backdoor Targeting Linux and Solaris Systems *

FBI and CISA Warns on Supply Chain Attacks Targeting MSPs *

Bitter Hacking Group Targeting Bangladesh Government Entities via Spear-Phishing Campaigns *

HP Patches High-Severity BIOS Vulnerabilities Enabling Kernel Privileges *

Hackers Deploy a New Post-Exploitation Framework IceApple on Microsoft Exchange Servers *

Attackers Spreading Another Set of Malicious Apps Through Google Play Store *

Researchers Alerts on DCRat Backdoor Being Sold on Russian Hacking Forums *

Costa Rica Declares National Emergency Following Cyberattacks from Conti Ransomware Group *

Scammers Distributing Jester Stealer Malware in Phishing Attacks *

Microsoft Patches an Actively Exploited Windows LSA Spoofing Zero-Day Flaw *

Hackers Employing Critical F5 BIG-IP Vulnerability in Destructive Attacks *

FluBot Android Malware Aims at Finland in a New SMS Phishing Campaign *

German Automotive Industry Targeted by a Month-Long Malware Campaign *

Microsoft Patch Tuesday Security Advisory - May 2022 *

Microsoft Patches a Flaw in Azure Synapse and Azure Data Factory Pipelines *

QNAP has Fixed a Critical Vulnerability Affecting Remote Command Execution in QVR *

New Windows Worm Spreading Through Infected USB Drives *

US Agricultural Machinery Company 'AGCO' Suffers Ransomware Attack *

Google Docs Crashes at the Sight “And. And. And. And. And.” *

Attackers Hijacked Ferrari's Subdomain to Host Fake NFT Scam *

New NetDooka Malware Framework Distributed via PrivateLoader Malware Distribution Service *

Unsecured ElasticSearch Server Instance Exposed Thousands of Borrower's Data *

New Chinese Threat Group Moshen Dragon Targeting Asian Telecommunication Entities *

Security Researchers Disclose Years-Old Bugs in Avast and AVG Antivirus Solution *

Google Patches an Actively Exploited Linux Kernel Flaw in its Android Security Updates *

North Korean Hacker Group 'APT38' Linked to New Ransomware Strains *

Threat Actors Targeting Microsoft Logins from Compromised UK NHS Email Accounts *

Cisco Patches NFVIS Vulnerabilities Enabling Access to Root Privileges *

F5 Alerts Users on Critical BIG-IP RCE Vulnerability Allowing Device Takeover *

Hackers Targeting Pixiv, DeviantArt Artists to Push an Info-stealer Malware *

Pro-Ukraine Hackers Actively Exploiting Docker Images to DDoS Russian Sites *

Threat Actors Distributing Magniber Ransomware in a Fake Windows 10 Upgrade Campaign *

Over Millions of Routers and IoT Devices are Vulnerable to Unpatched DNS Vulnerability *

Aruba and Avaya Network Switches Highly Vulnerable to "TLStorm 2.0" Vulnerabilities *

Threat Actors Abusing Google’s SMTP Relay Service to Distribute Phishing Emails *

Car Rental Giant Sixt Hit by Cyberattack, Disrupting its Operations *

Threat Actors Employing Bumblebee Malware Instead of BazarLoader Malware in Cyberattacks *

Attackers Targeting Ukraine Websites from Compromised WordPress Sites in DDoS Attacks *

Synology Alerts Customers on Critical Netatalk Bugs, Affecting its Several Products *

Russian Threat Group Targeted Romanian Government Sites with DDoS Attack *

Austin Peay State University Suffers Ransomware Attack *

A YouTuber Encouraging Followers to Perform DDoS Attacks Against Russia *

Popular Social Media App Whatsapp Suffers Outage, Users Reported Connection Issues *

A NPM Flaw Enable Attackers to Add Other Developers to their Malicious Packages *

Microsoft Fixed Critical Vulnerabilities in Azure Database for PostgreSQL Flexible Server *

The RIG Exploit Kit Leverages an Internet Explorer Flaw to Spread RedLine Malware *

Chinese-Linked Threat Group 'Mustang Panda' Now Targeting Russian State Officers *

Threat Group Hive0117 Targeting Eastern European Organizations in Phishing Campaign *

QNAP Warned Customers to Disable AFP Until Critical Bugs Fixed *

Microsoft Disclosed a New 'Nimbuspwn' Vulnerability in Linux Operating System *

Threat Actors Actively Exploiting Critical VMware RCE Vulnerability to Deploy Backdoors *

Threat Actors Actively Spreading Emotet Malware Via Windows Shortcut Files *

Multinational Beverage Corporation Coca-Cola Suffers a Network Breach *

American Dental Associations Sensitive Data Stolen by Black Basta Ransomware *

North Korean APT Group Targeting Journalists with Malware 'Goldbackdoor' *

French Hospital Group Suffers Cyberattack; Administrative and Patient Data Exposed *

A Critical Flaw in Ever Surf Wallet Enable Attackers to Steal Victim's Cryptocurrencies *

Atlassian Patched Critical Authentication Bypass Flaw in Jira Seraph *

Hackers Slipping 'More Eggs' Malware Into Resumes Sent to Corporate Hiring Managers *

A Critical Flaw in Cisco Umbrella’s Default SSH Key Enabled Credential Theft *

UPI Suffers Outage, Social Media Flooded with Payment Failure Complaints *

T-Mobile Confirms Lapsus$ Threat Group Breached its Internal Network *

Several Critical Flaws Disclosed in SmartPTT and SmartICS Industrial Products *

QNAP Urges Users To Mitigate Critical Apache HTTP Server Flaws *

LemonDuck and TeamTNT Hacking Docker Servers in Cryptomining Malware Campaigns *

A Critical Android Chipset Vulnerability Enables Attackers to Access User's Media Files *

New BotenaGo Botnet Variant Targeting Lilin Security Camera DVR Devices *

Amazon Web Services Patches Container Escape in Log4Shell Hotfix *

Russian Threat Group Employing New Pteredo Variants to Infect Targeted Ukrainian Entities *

Hive Ransomware Group Targeting Vulnerable Microsoft Exchange Servers *

Emotet Botnet Increased its Infection Rate in March 2022 *

CISA Warns About an Actively Exploited Windows Print Spooler Vulnerability *

QNAP Warned Customers to Secure NAS Devices from Cyberattacks *

Lenovo Disclosed UEFI Firmware Driver Vulnerabilities, Affecting Over 100 Laptop Models *

Israelian NSO Group Leveraging New iOS Flaw to Drop Spyware on iPhone Devices *

CISA Issues a Warning Regarding a North Korean Hacking Group Targeting Cryptocurrency Industries *

A Threat Actor Stole $655,388 in Cryptocurrency from Apple's iCloud *

Hackers Using Fake Windows 11 Upgrade Campaign to Infect Users *

Decentralized Finance Project Beanstalk Lost $182 Million in Flash-loan Attack *

Cisco Patches a Critical Authentication Bypass Vulnerability in its WLC Software *

'JekyllBot:5' Bugs Enable Hackers to Compromise Aethon TUG Hospital Robots *

Hackers Accessed Several GitHub's Private Repositories Using Stolen OAuth Tokens *

Scammers Targeting T-Mobile Customers in SMS Phishing Attacks *

A Vulnerability in Rarible NFT Marketplace Let Attackers Steal Users' Crypto Assets *

Wind Turbine Manufacturer 'Nordex' Suffers Conti Ransomware Attack *

Oil India Limited (OIL) Suffers Ransomware Attack *

Threat Actors Targeting Ukrainian Government Entities with IcedID Malware and Zimbra Exploits *

'OldGremlin' Ransomware Group Returns with New Malware Targeting Russian Entities *

CISA Warns About an Actively Exploited Windows Local Privilege Escalation Vulnerability *

Google Fixes An Actively Exploited Vulnerability in its Chrome Browser *

Malware Campaigns Targeting African Bank Employees with RemcosRAT Malware *

Russian Hackers Employ the Industroyer2 Malware to Attack Ukraine Power Grid *

Federal Agencies Issues a Joint Advisory on APT Groups Targeting ICS/SCADA Devices *

Hackers Actively Exploiting An Already Patched Critical VMware Vulnerability *

WordPress Developers Patches a Critical Flaw in Elementor Plugin *

A New Malware Tarrask Hides Scheduled Tasks Using Windows Vulnerability *

HP Patches Critical Bugs Impacting 15 Million Endpoints in Teradici PCoIP Software *

Hashnode Blogging Platform Reported to Have Critical LFI Vulnerability *

Microsoft Patch Tuesday Security Advisory - April 2022 *

Italian Luxury Fashion House 'Ermenegildo Zegna' Confirms Ransomware Attack *

Threat Actors Leveraging Spring4Shell Exploits to Install Mirai Malware *

American Manufacturing Company 'Snap-on' Suffers a Data Breach *

Researchers Issue Alert About Information-Stealing Malwares FFDroider & Lightning *

Qbot Operators Now Distributing Malware via MSI Windows Installer Packages *

The Android Banking Trojan Mimics Bank Customer Service Calls *

Atlassian's Ongoing Outage Might Extend Another Two Weeks *

Threat Actors Distributing a New META Malware in Spam Campaigns *

Chinese Threat Actors Actively Targeting Indian Power Grid Organizations *

New Octo Malware Let Attackers Take Control of Android Devices Remotely *

A New Traffic Direction System 'Parrot' Infects 16,500 Sites to Deploy Malware *

New Malware 'Denonia' Targets Serverless AWS Lambda with Cryptominers *

Hackers Harvesting Data Via Malicious Android Apps with Million of Downloads *

Threat Actors Using New 'FFDroider' Malware to Steal Social Media Accounts *

An Ongoing Atlassian Outage Affects Jira and Confluence Customers *

OpenSSL Infinite Loop Vulnerability Affects Palo Alto Networks Firewalls and VPNs *

Scammers Using Malicious Shopping Apps to Steal Bank Credentials of Malaysian Customers *

UK Retail Chain The Works Hit by Cyberattack *

VMware Patches Critical Vulnerabilities in its Multiple Products *

CISA Issues an Alert Relating the Active Exploitation of a Critical Spring4Shell Vulnerability *

Researchers Link Chinese Threat Group 'Cicada' to Widespread Espionage Attacks *

Hackers Breach Email Marketing Company 'Mailchimp' to Conduct Phishing Attacks *

FIN7 Hacking Group Employing Stolen Credentials and Software Supply Chain Attacks *

Several Hacking Groups Capitalizing on Russia-Ukraine War To Distribute Malware *

Threat Actors Marketing New Sophisticated Malware on Russian Hacking Forums *

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave Routers *

New RAT Malware 'Borat' Appears on Hacking Forums, Offering Several Features *

Brokenwire Hack Could Let Attackers Disrupt Charging for Electric Vehicles Remotely *

VMware Fixes Critical Spring4Shell RCE Vulnerability in its Multiple Products *

A 15 Year Old Bug in Pear PHP Repository could Lead to Supply Chain Attack *

Trend Micro Patches Actively Exploited Vulnerability in its Apex Central Product *

Threat Actors Employ New Android Spyware to Harvest Sensitive User Data *

American Express Suffers Massive Outage, Affects Payment Services *

Threat Actors Abusing Microsoft Azure Static Web Pages in Phishing Attacks *

Hackers Using Fake Trezor Data Breach Emails to Harvest Users Cryptocurrency Assets *

CISA Warns Federal Civilian Agencies to Patch Critical Sophos Firewall Vulnerability *

Critical GitLab Vulnerability Enables Hackers to Take Over User Accounts *

Palo Alto Networks Error Leaks Customer Support Cases, Attachments *

Apple Patches Two Zero-Days in its iPhones, iPads, and Macs Devices *

Zyxel Patches Critical Authentication Bypass Vulnerability in its Firewall and VPN Products *

Vulnerable Wyze Cam Devices Allow Hackers to View Video Feeds *

Chinese Hackers Installing New 'Fire Chili' Rootkit on Vulnerable VMware Horizon Servers *

Viasat Confirmed Satellite Modems were Compromised with AcidRain Malware *

Developers Release a Fix for a Zero-Day Vulnerability in Spring Java Framework *

A New Zero-Day Vulnerability in Spring Java Framework Allows Remote Code Execution *

A Severe OpenSSL Bug Affects the Majority of QNAP NAS Devices *

Globant, an IT and software Firm, Suffers a Data Breach; 70GB of Data is Stolen *

Viasat's KA-SAT Satellite Service Suffers From Cyberattack *

A New Spear-phishing Campaign Targets Russian Govt Dissidents with Cobalt Strike *

Russian Phishing Attacks Target NATO, and European Military Forces *

FBI Warns Election Officials of Credential Phishing Campaigns *

Transparent Tribe Hackers Targeting Indian Government Officials Via Modified MFA Tool *

Mars Stealer Malware Spreads Through OpenOffice Ads on Google *

New Malware 'Verblecon' Infects Hacked PCs with Cryptocurrency Miners *

CISA Wans of Attacks on Internet-connected UPS Devices *

Shutterfly Discloses Data Breach Post Suffering Conti Ransomware Attack *

Threat Actors Using Infected WordPress Sites to Launch DDoS Attacks *

Remote Keyless System of Honda Vehicles Vulnerable to Replay Attacks *

Threat Actors Targeting Vulnerable Microsoft Exchange Servers Via Reply Chain Hijacking Attacks *

'Purple Fox' Hackers Actively Using New Variant of FatalRAT in Recent Malware Attacks *

Muhstik Botnet Targeting Redis Servers Recently Disclosed Vulnerability Via Recently Disclosed Vulnerability *

An Emergency Google Chrome Update Fixes Zero-Day Flaw Used In Attacks *

A Critical Vulnerability in Sophos Firewall Enables Remote Code Execution *

Chinese Hacking Group 'Scarab' Spotted Targeting Ukraine Amid Russia Invasion *

Threat Actors Distributing a Vidar Infostealer Via Malicious Email Attachments *

Hackers Targeting Azure Developers Via Over 200 Malicious NPM Packages *

Social Engineering Attacks Compromise Morgan Stanley Client Accounts *

Western Digital Updates My Cloud OS To Patch Critical Vulnerability *

Threat Actors Distribute a New Version of JSS Loader RAT Via Malicious Microsoft Excel Add-ins *

North Korean Hackers Actively Exploiting Recently Patched Chrome Zero-day Flaw *

VMware Releases Patches For Carbon Black App Control Flaws *

New WPS Office Flaws Give Hackers Access To Betting Firms *

China-Linked Threat Actor 'Mustang Panda' Targets European Diplomats and ISPs *

Thousands of MikroTik Routers Abused in Glupteba, TrickBot Campaigns *

Microsoft Confirms the Hack by LAPSUS$ Extortion Group, 37GB of Source Code Leaked *

New Dell BIOS Flaws Affect Millions of Inspiron, Vostro, XPS, Alienware Systems *

Several HP Printer Models Vulnerable to Remote Code Execution Attacks *

Greece's Public Postal Service ' ELTA' Suffers Ransomware Attack *

Researchers Expose Custom macOS Malware of Chinese Hackers *

A New Crypto Scam Dubbed 'CryptoRom' Abusing iPhone Features to Target Mobile Users *

New Backdoor 'Serpent' Targets French Entities via Open-Source Package Installer *

Hackers Targeting Bank Networks with New Rootkit to Compromise ATM Machines *

Threat Actors Spreading BitRAT Malware as Windows 10 License Activator *

Hackers Impersonating Legit Domains by Using New Browser-in-the Browser (BITB) Attack *

Opatch Releases an Unofficial Patch For Windows Zero-Day Flaw Giving Admin Rights *

Hackers Infecting Android Users Via Password Stealing Malware 'FaceStealer' *

Internet Systems Consortium (ISC) Patches High-severity Bugs in BIND Server *

A New Variant of Cyclops Blink Botnet Actively Targeting ASUS Routers *

Europe Warns of Aircraft GPS Outages Linked To Russian Invasion *

Unsecured Microsoft SQL and MySQL Servers are Targeted by Gh0stCringe Malware *

SolarWinds Warns Against Attacks Aimed at Web Help Desk Instances *

Over Hundreds of GoDaddy-Hosted Sites Were Backdoored In One Single Day *

CISA Added 15 Known Vulnerabilities Exploited in Attacks *

OpenSSL Patches a High-Severity DoS Vulnerability *

Hackers Employing Log4j Exploits to Infect Linux Machines *

A Massive Phishing Campaign Employs 500+ Domains to Steal Credentials *

Giant Automotive Manufacturer DENSO Suffers Data Breach *

QNAP Alerted on Linux 'Dirty Pipe' Vulnerability, Affecting its NAS Devices *

Threat Actors Employed CaddyWiper Data Wiping Malware in Ukraine Attacks *

New Linux Vulnerability Allows Hackers to Elevate Privileges *

Researchers found New Evidence linking Kwampirs Operators to Shamoon Malware *

Bridgstone Americas Suffers Data Breach Post Ransomware Attack *

Vulnerable Package Managers let Attackers to Infect Developers' Systems *

Giant Video Game Developer Ubisoft Disclosed a Cyberattack, Services Disrupted *

New Variant of Aberebot Trojan Harvest Users' Google Authenticator MFA Codes *

Attackers Using YouTube Platform to Infect Video Games Players with Malware *

Threat Actors Using Custom-made Hacking Tools in Cyberattacks *

Emotet Botnet Employing Over 100,000 Bots to Carryout Cyberattacks *

Iranian Threat Group Targeting Turkey and Arabian Peninsula in Malware Attack *

Threat Actors Employing Mitel Devices to Launch DDoS Reflection Attacks *

Russian Federal Agencies' Websites Compromised in a Supply Chain Attack *

CISA Updated Conti Ransomware Alert with 100 Domains used in Cyberattacks *

Chinese Threat Actors Targeting European Diplomatic Entities in Phishing Attacks *

Scammers Impersonating Government Officials and Law Enforcement in Fraud Scams *

Coinbase Blocks Over 25,000 Blockchain Addresses Linked to Russian Individuals *

A New Linux Vulnerability Enable Hackers to Gain Root Access on Vulnerable Systems *

Microsoft Fixes a Critical Azure Bug Exposing Other Customers Data *

Romania's Rompetrol Gas Station Network Suffers Hive Ransomware Attack *

Ukraine's Computer Emergency Response Team Warns of New Phishing Attacks *

TerraMaster Patches Critical Vulnerabilities in its Network-attached Storage (NAS) Devices *

Researchers Identify SharkBot Malware Disguised as an Android Antivirus on Google Play Store *

Threat Actors Using Stolen NVIDIA's Code-signing Certificates in Cyberattacks *

Russian Government Shares a List of IP Addresses DDoSing Russian Organizations *

Vulnerable Linux Kernel Versions Enable Hackers to Execute Arbitrary Commands *

New Security Bug Affects Thousands of Self-Managed GitLab Instances *

Mozilla's Security Updates address two critical zero-day vulnerabilities in Firefox *

'Lapsus$' Hacking Group Allegedly Leaks Samsung Electronics Confidential Data *

Cisco Issue Patches for Expressway Series, TelePresence VCS Products *

Researchers Propose New Side-Channel Attack on Homomorphic Encryption *

New York State Office of the Attorney General Warns Users Impacted by T-Mobile Data Breach *

Over 71,000 NVIDIA Employees Credentials Compromised as a Result Of a Data Breach *

Researchers Disclose a Malware Campaign Impersonating VC Firm Using Phishing Emails *

Developers Address Critical Security Flaws in Famous Multimedia Library PJSIP *

Researchers Disclose Critical Security Vulnerabilities in VoIPmonitor Monitoring Software *

Threat Actors Leveraging Log4Shell Vulnerabilities to Launch DDoS and Cryptomining Attacks *

Belarusian Nation-state Threat Group Actively Targeting European Government Entities *

TrickBot Operators Updates its AnchorDNS Backdoor to AnchorMail *

Threat Actors Abusing Google Ads to Push Hundreds of eBike Phishing Sites *

China-linked Daxin Malware Actively Targeting Several Governments Infra in Espionage Attacks *

TeaBot Malware Resurfaces on Google Play as a QR Code Scanner App *

Insurance Giant 'AON' Suffered Cyberattack Over the Weekend *

Second New Malware 'IsaacWiper' Targets Ukraine Amid Russian Invasion *

Automobile Giant 'Toyota' Halts Production Amid Cyberattack on Supplier *

Video Surveillance Giant 'Axis Communications' Suffers Massive Network Breach *

Threat Actors Abusing Content Filtering Devices in DDoS Amplification Attacks *

An Infostealer Malware 'Jester Stealer' Updated with New Malicious Capabilities *

Threat Actors Using Ransomware as Decoy in Ukraine Cyberattacks *

Android Visual Voice Mail App Vulnerability Let Attackers to Steal User Passwords *

NHS Urges Users to Patch Okta Advanced Server Client RCE Vulnerability *

American Multinational Technology Corporation 'Nvidia' Hit by Cyberattack *

Targeted Citibank Customers Suffer Phishing Attack with Fake Suspension Alerts *

Threat Group 'UNC2596' Exploiting Microsoft Exchange Vulnerabilities to Install Ransomware Payload *

Hackers Using Microsoft Official Store to Deploy Malware on Victims' Systems *

Threat Actor Group 'APT27' Hit US Defense Contractors Using Stealthy SockDetour Backdoor *

Deadbolt Ransomware Operators Actively Targeting ASUSTOR NAS Devices *

Researchers Identify a New Destructive Wiper Malware Leveraged in Ukraine Attacks *

CISA Warns About an Actively Exploited Flaws in Zabbix Network Monitoring Platform *

Researchers Unveil New Malware 'Small Sieve' Used by MuddyWater Hackers *

Researchers Warn of New Russian Botnet Built from Hacked Firewall Devices *

25 Malicious JavaScript Libraries Enable Hackers to Steal Users' Discord Tokens and Environment Variables *

Threat Actors Employing Dridex Bots to Deploy Ransomware Payload on Infected Networks *

Chinese Researchers Uncover Details About Equation Group's Bvp47 Backdoor *

Researchers Disclose a 9-Year-Old Bug in Horde Webmail Software *

Massive DDoS Attacks Hit Ukrainian Government Agencies and Banks Once Again *

Researchers Disclose a New Phishing Technique Bypassing Multi-factor Authentication *

Chinese Threat Group 'APT10' Targeting Taiwan Entities in a Supply Chain Attack *

Hancom Office Software Vulnerable to Code Execution and Memory Corruption Attacks *

Fraudsters Stolen $1.7 Million Worth NFTs from OpenSea Users' in a Phishing Attack *

Threat Actors Actively Scanning Vulnerable MS SQL Servers to Deploy Cobalt Strike Beacons *

A New Android Banking Trojan Spotted on Google Play Store, Targeting Europeans *

American Logistics Company 'Expeditors International' Hit by Massive Cyberattack *

Giant Cookware Distributor 'Meyer Corporation' Suffers Data Breach Following Ransomware Attack *

Islamic Republic of Iran Broadcasting (IRIB) Hit by Cyberattack *

WordPress Force-Updating UpdraftPlus Plugin Patch on Million of Sites *

Iranian Threat Group Leveraging Log4j Vulnerabilities to Affect VMware Horizon Servers *

PseudoManuscrypt Botnet Followed CryptBot Techniques Since May 2021 *

Monzo Online Banking Users Targeted by New phishing Attack *

Popular E-cigarette Online Store was Compromised to load Credit Card Skimmer *

Adobe Updated its Security Advisory for Critical Vulnerability *

Cisco Patched high severity vulnerability Impacts Cisco Email Security Appliance *

Hackers Use Microsoft Teams Chats to Spread Malware *

Researchers Alerts on Golang-based Kraken Botnet Targeting Windows Systems *

Cyber Threat Group 'Moses Staff' Targeted Israeli Organizations *

Red Cross Claimed State-Sponsored Hacking Group Responsible for the Attack *

BEC Scammers Impersonating CEOs in Virtual Meetings *

Trickbot Malware Targeting Well-known Companies to Steal Users Credentials *

Researchers Disclosed a High-Severity Vulnerability in Apache Cassandra *

VMware Patched High Severity Vulnerabilities Affecting Several Products *

BlackCat Ransomware Group Claims Swissport Ransomware Attack *

Ukrainian Defense and Two Bank Sectors Hit By Massive DDOS Attack *

Threat Actors Employing Mylobot Malware to Send Cyberbulling Emails *

Researchers Attribute ShadowPad Malware Attacks to Chinese Threat Groups *

Japanese Sportswear Company Mizuno Hit by Ransomware Attack *

Moxa Patches 5 Critical Security Vulnerabilities in its MXview Software *

Ukraine Suffers from Ongoing Massive Hybrid Warfare *

NFL’s San Francisco 49ers Team Hit by Blackbyte Ransomware Attack *

Google Pushes a Chrome Update to Fix Zero-day in its Chrome Browser *

Adobe Fixed Critical Zero-day Vulnerability, Affects Adobe Commerce and Magento Users *

Croatian Mobile Network Operator 'A1 Hrvatska' Suffers Data Breach *

Researchers Identified New Sophisticated Rust-based Ransomware Attack *

CISA Added 16 New Flaws to its Known Exploited Vulnerabilities Catalog *

Threat Group ModifiedElephant Installed Fake Digital Evidence on Indian Activists *

Apple Patches an Actively Exploited Zero-Day Flaw in its Security Updates *

Threat Actor Group 'APT29' Targeted European Diplomats Via COVID-19-Themed Phishing Emails *

FritzFrog Botnet Infects 1500 Hosts Within a Span of One Month *

Researches Disclose Advanced Threat Group 'ModifiedElephant' Stealth Mode Operation Strategies *

Vulnerable 'PHP Everywhere' Plugin Pose High Risk for Thousands of WordPress Sites *

Iranian Threat Group Deploying Backdoor Dubbed Marlin in a New Espionage Campaign *

Hackers Infected Hundreds of Magento Sites in MageCart Attacks *

FBI Alerts Users of Increased SIM Swap Fraud Hijacking Victims Numbers *

Advance Threat Group Employing New Implant to Infect Middle East Entities *

Threat Actors Targeting European Android Users in Smishing Attacks *

Kimsuki Hacker Group Using Commodity RATs with Custom Gold Dragon Malware *

Google Patches Two Critical Bugs Via Android Security Updates for Feb 2022 *

Vulnerable Mimosa Wireless Broadband Products are Exposed to Remote Attacks *

SAP Patches Multiple Security Vulnerabilities in its February 2022 Security Patch Day *

Vodafone Portugal Hit by Massive Cyberattack *

Microsoft Patch Tuesday Security Advisory - February 2022 *

Politically Motivated Threat Group Targeting Indian Military and Diplomatic Resources *

Medusa Malware Targeting Android Users in Smishing Campaigns *

Leading Sportswear Manufacturer Puma Suffers Data Breach Following Ransomware Attack *

DPD Group's Parcel Tracking Flaw May Expose Customers' Personal Information *

Vulnerable Argo CD Exposes Sensitive Information from Kubernetes Apps *

American Media Giant News Corp Hit by Persistent Cyberattack *

Researchers Identified a New Ransomware-as-a-Service (RaaS) Operation in Cyberattacks *

Israeli Company QuaDream Abusing iPhone Security Vulnerability to Deploy Spyware *

Switzerland's Aviation Firm Swissport Hit by Ransomware Attack *

Chinese Threat Actors Actively Exploiting a Zimbra Zero-day Vulnerability to Steal Emails *

Cisco Patches Several Flaws Discovered in Small Business RV Series Routers *

Intuit Warns of Phishing Campaign Sending Fake Account Suspended Mails *

Antlion Hackers Targeting Financial and Manufacturing Institutes Using Custom Backdoor *

Threat Actor Group 'Moses Staff' Using New StrifeWater RAT in Ransomware Attacks *

UEFI Firmware Vulnerabilities Impact at least 25 Computer Vendors *

Threat Actors Using SEO Poisoning Technique to Install Malware Package *

New Malware Used by SolarWinds Hackers Went Undiscovered for Many Years *

Kenyon Produce (KP) Snacks Company Suffers Ransomware Attack *

Morley Companies Inc. Discloses a Data Breach Post Ransomware Attack *

ESET Patches High Severity Vulnerability Affecting its Multiple Products *

Threat Actor Group 'Charming Kitten' Using New PowerShell Backdoor in Cyber Espionage Attacks *

SolarMarker Malware Employing Novel Techniques to Persist on Hacked Systems *

Researchers Disclose New Iranian Hacking Campaign Targeting Turkish Users *

Researchers Found a New Oski Malware Variant Dubbed ' Mars Stealer' in Cyberattacks *

Phishing Scammers Employing Malicious CSV Files to Drop Malware *

German Petrol Supply Firm Oiltanking Severely Impacted by Cyber-attack *

British Council Suffers Data Leak, 144000 Records Exposed *

Gamaredon Threat Group Using New Malicious Files in Phishing Attack *

Samba Patched a Critical Vulnerability that Let Hackers Gain Root Access *

Hackers Abusing UPnP Routers to Perform Malicious Activities *

WordPress Addresses a Critical Vulnerability in a Plugin with Over a Million Downloads *

Russian Threat actors Employ Stealthy Malwares in Cyber Espionage Campaign Dubbed 'StellarParticle' *

Taiwanese Electronics Manufacturer, Delta Hit by Conti Ransomware *

Hackers Taking Over CEO accounts Using Rogue OAuth Apps *

Phishing Operators Using a Windows Update to Install Malware *

Researchers Discover Over 20,000 Vulnerable DCIM Systems Prone to Attacks *

Finnish Diplomats’ Mobiles Infected with Pegasus Spyware *

Patched Windows Vulnerability with New Public Exploits Lets Hackers Become Admin *

Linux Version of LockBit Ransomware Targeting VMware ESXi Servers *

Discord Suffers Major Outage Caused by API and Database Issues *

Chaes Banking Trojan Hijacking Chrome with Malicious Extensions *

New FluBot and TeaBot Campaigns Abusing Android Devices Worldwide *

Phishing Attack Impersonate Shipping Giant 'Maersk' to Deploy Malware *

A Video Game Company BANDAI NAMCO Shutdown Servers to Prevent Cyberattacks *

Apple Patches New Zero-day Exploited to Hack macOS, iOS Devices *

German Government Warns of APT27 Group Backdooring Business Networks *

Linux System Service Flaw Enables Root on all Major Distros *

DazzleSpy Malware Targets macOS Users in Watering Hole Attack *

Threat Actors Employing Compromised Accounts to Deliver Large-scale Phishing Emails *

Premium Subscription-Based Scam Targeting Android Users *

TrickBot Malware Operators Added New Techniques to Elude Detections *

Russian Threat Group Targeting Government and Defense Industries *

New DeadBolt Ransomware Targets QNAP Devices, Demands 50 BTC for Master Key *

Initial Access Broker Attack VMware Horizon Servers in Log4Shell Attacks *

Canadian Government Hit by Cyberattack, Few Services Disrupted *

Threat Actors Hacked Segway Store to Steal Customers' Credit Card Data *

Emotet Spam Campaign Using Unconventional IP Address to Evade Security Detections *

Phishing Campaign Employing Malicious PowerPoint Files to Push Malware *

Threat Actors Now Actively Targeting a Patched Critical SonicWall RCE Bug *

Two CWP Bugs Allow Code Execution as Root on Linux Servers *

Android Malware BRATA Strikes Back with Enhanced Features, Wipes Device After Stealing Data *

Hackers Encrypted Belarusian Railway's Internal Servers in Protest *

Researchers Identified a New UEFI Firmware Implant in Cyberattacks *

Hackers Backdoored Over 90 WordPress Themes, Plugins in Supply Chain Attack *

Researchers Uncover 2 Flaws in Zoom Software, Resulting in Zero-click Attack *

SonicWall Provides Temp Fix For Firewalls Stuck in Reboot Loop *

CISA Discloses New 17 Vulnerabilities Exploited in Attacks *

Threat Group Molerats Targeting Middle East in Cyberespionage Campaign *

McAfee Agent Update Fixes Two High-Severity Vulnerabilities *

F5 Patches 24 Vulnerabilities in its BIG-IP, BIG-IQ, and NGINX Controller API Products *

Dutch National Cybersecurity Centre Warns of Lingering Log4j Threats *

WordPress Plugin Flaw Puts Users of 20,000 Sites at Phishing and Code Injection Risk *

Several Spyware Campaigns Stealing Credentials in Industrial Firms *

DoNot Hacking Group Targeting Government and Military Entities in South Asia *

Indonesia's Central Bank Discloses Ransomware Attack, Conti Leaks Data *

Cisco Flaws Provide Remote Attackers Root Privileges via Debug Mode *

Red Cross Cyberattack Leaks Data of 515,000 Individuals *

SolarWinds Patches Serv-U Vulnerability Exploited for Log4j Attacks *

Russian Attackers Employing Subscription-based Malware Service to Deploy Malware *

Scammers Impersonating United States Department of Labor in Phishing Campaign *

A New Stealthy Malware Targeting Users' Cryptocurrency Wallets and Passwords *

Researchers Discloses a Critical Flaw in SAP NetWeaver AS ABAP and ABAP Platforms *

Critical Flaw in IDEMIA Biometric Identification Devices Enable Unauthorized Access *

Large-scale Phishing Campaign Targeting Renewable Energy Firms *

Researchers Link New White Rabbit Ransomware to FIN8 Hacking Group *

Earth Lusca Hackers Targeting High-Value Targets in Government and Private Sectors *

Microsoft Issues Emergency Patches for Windows Server, VPN Bugs *

Fashion Giant Moncler Discloses Data Breach Post Ransomware Attack *

Microsoft Warns of Fake Ransomware Targeting Ukraine in Data-wiping Attacks *

High-Severity CSRF Flaw in 3 WordPress Plugins Affected 84,000 Websites *

Nintendo Warns of Phony Sites Pushing Fake Switch Discounts *

eNom Data Center Migration Process Knocks Sites Offline *

Zoho Patches a Critical Security Flaw in Desktop Central *

An Undisclosed npm Dependency Flaw Affected Facebook's Create React App *

Vulnerable Apple Safari Browser Allows Hackers to Track User Activity *

Cybercriminals Abusing Public Cloud Infrastructure to Distribute Several RAT's *

Goodwill's E-commerce Platform 'ShopGoodwill' Suffers Data Breach *

Cisco Patches a Critical Bug Affecting Unified CCMP and Unified CCDM *

Qlocker Ransomware Returns to Target QNAP NAS Devices Globally *

Defense Contractor Hensoldt Discloses a Ransomware Attack *

Massive Cyber Attack Knocks Down Several Ukrainian Government Websites *

North Korean Hackers Stealing Millions from Cryptocurrency Startups Globally *

Financially Motivated Hacking Group Targeting Cryptocurrency Startups *

Threat Actors Compromised FIFA 22 Accounts Using Social Engineering Techniques *

AWS Patched Security Vulnerabilities that Exposed AWS Customers' Information *

Sentinel LABS Released an Unofficial Patch for Privilege Escalation Vulnerability, affecting all Windows Devices *

OceanLotus Threat Group is using Web Archive Files to Install Backdoors *

Magniber Ransomware Gang now Utilizing Signed APPX Files in Attacks *

Microsoft Patched Critical Flaw in Windows HTTP Protocol Stack *

Apple Fixed a Persistent Denial of Service (DoS) Flaw Dubbed 'doorLock' *

Ransomware Operators Leveraging Log4Shell Exploit to Infect VMware Horizon Systems *

Microsoft Patch Tuesday Security Advisory - January 2022 *

New SysJoker Backdoor Actively Targeting Windows, macOS, and Linux Users *

Threat Actors Deploying New RedLine Malware Via Fake Omicron Stat Counter App *

KCodes NetUSB Kernel Module Bug Affects Millions of Routers Globally *

CISA Warns Federal Agencies of Ancient Flaws Still Being Exploited *

Threat Actor Group 'Patchwork' Infecting Users with Ragnatela Malware *

Researchers Link 'Abcbot' Botnet Operation to Xanthe Cryptomining Botnet Operators *

Threat Actors Targeting Cybersecurity Researchers and Developers in Malware Campaign *

State Hackers Employ New PowerShell Backdoor in Log4j Attacks *

Vulnerable Open-Source NPM Libraries 'colors' and 'faker' Breaks Thousands of Apps *

Linux Version of AvosLocker Ransomware Encrypting VMware ESXi Servers *

Researchers Discovered Security Flaw like Log4Shell in H2 Database Console *

A New 'Night Sky' Ransomware Targeting Corporate Companies *

Microsoft Warns of Persistent Attacks Leveraging Apache Log4j Flaws *

Y2K22 Bug Hits SonicWall's Email Security, Firewall Products *

Hackers Employ BadUSB to Target Defense Firms with Ransomware *

NHS Warns of Unknown Hacker Group Exploiting Log4Shell in VMware Horizon *

FluBot Malware Operators Targeting Europe Posing as Flash Player App *

FinalSite Hit by a Ransomware Attack that Disrupted Thousands of Schools *

QNAP Warns of Attacks Targeted at Internet-exposed NAS Devices *

North Korean Hacker Group "Konni" Attacks Russian Foreign Ministry *

Credential Stuffing Attacks Impact 1.1 Million Users at 17 Companies *

US Online Pharmacy "Ravkoo" Suffers Data Breach Post AWS Portal Hack *

Hackers Abusing Google Docs Commenting Feature to Drop Malware *

FBI Warns of an Ongoing Google Voice Authentication Scams *

Microsoft Releases an Emergency Update to Address Windows Remote Desktop Issues *

Threat Actors Injecting Web Skimmer Code to Steal Sensitive Information *

U.S. Cellular Disclose Data Breach Post Billing System Hack *

Hospitality Chain McMenamins Suffers Data Breach Post Ransowmare Attack *

Apple iOS Vulnerable to Denial of Service Flaw "doorLock" *

Broward Health Company Discloses a Data Breach, 1.3 Million Individuals Affected *

Threat Actors Deploying Purple Fox Malware via Malicious Telegram Installers *

Microsoft Release a Temporary Fix to Address Exchange Server Flaw *

Kyoto University Loses 77TB of Research Data due to Backup Error *

Netgear Leaves Six High Severity Vulnerabilities Unpatched in Nighthawk Router *

PulseTV Discloses Data Breach of 200,000 Credit Cards *

Researcher Discloses a Security Flaw in Uber's Email System *

New iLOBleed Rootkit Wiping Data from Compromised HP Enterprise Servers *

AvosLocker Ransomware Group Releases Decryptor Post Breaching US Police *

Firmware Attack May Drop Persistent Malware in Hidden SSD Area *

Chinese APT Hackers Employ Log4Shell Flaw to Attack an Academic Institution *

Prominent Crypto Trading Platform, ONUS Suffers Ransomware Attack via Log4j Hack *

Storage Devices of Several Vendors Impacted by Encryption Software Bugs *

Norwegian Media Giant Amedia Suffers Disruption Due to Cyberattack *

Researchers Disclose New Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics *

Apache Releases Log4j 2.17.1 to Address a Remote Code Execution Bug *

RedLine Malware Stealing Passwords Saved in Chromium-based Web Browsers *

BlackTech Cyber-espionage APT Targeting Japanese Companies Using Flagpro Malware *

Threat Actors Attempted to Compromise LastPass Users Master Passwords *

Researchers Identify Infiltration of Riskware Apps on Samsung's Galaxy Store *

Threat Actors Actively Abusing MSBuild for Cobalt Strike Beacon Execution *

Photo Services Giant Shutterfly Hit by Conti Ransomware Attack *

ech0raix Ransomware Group Actively Scanning for Vulnerable QNAP NAS Devices *

Pirated 'Spiderman: No Way Home' Movie Torrent Delivers Crypto-Mining Malware *

Several Vulnerabilities in Garrett Metal Detectors Let Hackers to Alter Configurations *

Global IT Services Provider Inetum Suffers Ransomware Attack *

Android Banking Trojan Spreads via Bogus Google Play Store Page *

Blackmagic Patches Critical DaVinci Resolve Code Execution Flaws *

Dridex Operators Targeting Covid-19 Victims via Omicron Phishing Taunts *

Monongalia Health System Suffers Email Breach, Affecting 400,000 Individuals *

NVIDIA and HPE Patches Apache Log4j Library Vulnerabilities in its Products *

Researchers Disclose a New Variant of Babuk Ransomware *

New Dell BIOS Updates Results in Laptops and Desktops Boot Issues *

Apple Patches macOS Security Flaw Behind Gatekeeper Bypass *

Researchers Uncover New Phishing Campaign Aimed at CoinSpot Crypto Exchange *

Threat Actors Deploying Stealthy BLISTER Malware on Windows Devices *

Pro Wrestling Tees Discloses Data Breach, 31,000 Customers Info Compromised *

Apache Patches Two Severe Security Vulnerabilities in its HTTP Server *

Microsoft Azure App Service Bug Exposes Customers Source Code Repository *

CISA, FBI and NSA Releases Joint Advisory and Scanner for Log4j Vulnerabilities *

Chinese-speaking Espionage Group Targeting Government and Transportation Sectors *

Researchers Identify Stealthy Backdoors in Auerswald's COMpact 5500R PBX's Firmware *

All Mobile Phone Generations Since 2G Vulnerable to Newly Identified Mobile Network Vulnerabilities *

FBI: Threat Actors Actively Exploiting New Zoho Zero-Day Since October 2021 *

Over 820,000 Vulnerable WordPress sites are Exposed to Attacks *

PYSA Ransomware Group was Behind Major Attacks in November 2021 *

Scammers Impersonate Pharmaceutical company 'Pfizer' in Phishing Attacks *

Sony Life Insurance Employee Arrested for Stealing $154 Million Dollars *

Hackers Taking Over Vulnerable Windows Domains via Elevation of Privilege Vulnerabilities *

Researchers Suspect 'Cytrox' for Distributing 'Predator' Spyware on iPhones *

Cyber Criminals Infected U.S. Federal Agency's Network with Backdoor *

Malicious Android App Distributes New Joker Malware, Infected Over 500,000 Android Users *

Hackers Distributing New Stealthy DarkWatchman Malware through Phishing Emails *

Threat Actors Revived TellYouThePass Ransomware in Linux, and Windows Log4j Attacks *

Threat Actors Exploiting Log4j Vulnerability to Deploy Dridex Banking Malware *

Western Digital Urges Users to Upgrade their My Cloud Devices *

Logistics Firm "Hellmann" Warns Users of BEC Emails Post Ransomware Attack *

Threat Actors Infected Over 35,000 Computers in 2021 Using a New PseudoManuscrypt Malware *

Threat Actors Targeting Spider-Man Franchise Fans with Credit-Card Harvesting *

VMware Patches a Critical Flaw in Workspace ONE UEM *

Phorpiex Botnet Surfaces Again with a more Sophisticated Variant *

Khonsari Ransomware Group Targeting Self-Hosted Minecraft Servers *

Apache Issues a New Patch to Fix 3rd Log4j Vulnerability *

Researchers Suspect New Attack Vector Identified in Log4j Exploits may Expand the Attack Surface *

Iranian State-Sponsored Hacker Abused Slack API to Steal Asian Airline Data *

US Prominent Brewery and Hotel chain "McMenamins" Hit by a Conti Ransomware Attack *

Log4j Hackers Switch to Injecting Monero Miners via RMI *

Credit Card Skimmers Targeting Ecommerce Sector via Magecart Attacks *

DDoS Mitigation Service Provider "Cloudflare" Suffers Widespread Latency and Timeouts *

A New Espionage Campaign Targeting Telecom Organizations in Middle East and Asia *

Hackers Steal Microsoft Exchange Credentials Using Backdoor "Owowa " *

Threat Actors Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges *

Apple Releases an iOS Update for Remote Jailbreak Exploit *

PyPi Removes 3 Python Packages Suspected of Dropping a Trojan on Victim Systems *

Virginia Information Technology Agency Suffers Ransomware Attack *

Workforce Management Solutions Provider, Kronos Suffers Ransomware Attack *

Over 300,000 MikroTik Devices Still Vulnerable to Remote Hacking Flaws *

AWS Suffers Second Outage in this Month, Impacts Twitch, Zoom, PSN, Hulu, others *

Vulnerabilities in Wi-Fi and Bluetooth Chips Enable Hackers to Steal Passwords *

Researchers Identify "ALPHV" as the Most Sophisticated Ransomware in 2021 *

Threat Actors Actively Exploiting Log4Shell Vulnerability to Deliver Malware on Vulnerable Machines *

Partially Fixed Dell Computer Drivers Still Vulnerable to Windows Kernel-level Attacks *

Threat Actors Targeting German E-Banking Users via New Phishing Campaigns *

Volvo Cars Suffers Ransomware Attack, R&D Information Exposed *

Researchers Link 'XE Group' to Eight Years of Credit Card Theft *

Apache Foundation Releases a Security Patch for Second Log4j Vulnerability *

Microsoft Patch Tuesday Security Advisory - December 2021 *

Mojang Studios Publishes an Emergency Minecraft Update Amid Critical Log4j Vulnerability Exploits *

Threat Actors Dropping Agent Tesla Malware Using PowerPoint Macros in On-going Phishing Campaigns *

Hackers Employ Known Info-stealing Malware "TinyNuke" Targeting French Users *

Researchers Disclose Building Blocks of Widely Active Qakbot Banking Trojan *

AWS Discloses the Cause Behind the Recent Massive Outage *

Researches Disclose an Active Campaign Exploiting Over Vulnerable 1.6 Million WordPress Sites *

17 Malicious NPM Packages Let Attackers to Steal Discord Tokens *

Google Pushes Emergency Chrome Update to Fix Zero-day in its Chrome Browser *

South Australian Government Data Breach Expose Over 80,000 Employees Info *

Threat Actors Targeting Enterprises Using New Zero-day Exploit for Log4j Java Library *

StrongPity Hacking Group Pushing Malware Using Malicious Notepad++ Installers *

Dark Mirai Botnet Actively Targeting Unpatched TP-Link Routers *

Hackers Targeting US Universities via Office 365 Phishing Campaigns *

Vulnerable Hikvision's IoT Devices Targeted by Moobot Botnet *

Emotet Malware is Now Installing Cobalt Strike Directly on Infected Devices *

Fujitsu Cites the Breach on Japanese Ministries' on Stolen ProjectWEB Credentials *

Cox Communications Disclose Data Breach Post Hacker Impersonates Support Agent *

SanDisk SecureAccess Flaw Enables Brute Force Attacks Against Vault Passwords *

Google Fixes High Severity Use-After-Free Vulnerabilities in its Chrome Browser *

SolarWinds Hackers Targeting Government and Business Organizations Worldwide *

Phony KMSPico Software Stealing Victims' Cryptocurrency Wallets *

Hackers Employ Fake 'Spam Notification' Phishing Emails to Steal Microsoft Credentials *

SonicWall Patches Several Security Flaws in its SMA 100 Series Appliances *

Grafana Patches a Zero-day Flaw Post Exploits Spread Over Twitter *

Popular Cloud Service Providers Affected by Multiple Vulnerabilities in Eltima SDK *

AWS Suffers Outage, Impacts Ring, Netflix, and Amazon Deliveries *

QNAP Warns Users to Secure NAS Devices Against Bitcoin Miner *

Conti Ransomware Strikes Scandinavian Hotel Group "Nordic Choice" *

Hundreds of SPAR Stores Suffer Massive Outage in Northern England *

BitMart Cryptocurrency Exchnage Loses $200 Million Worth of Cryptocurrency Tokens Post Hack *

Microsoft Seizes Domains Used by APT15 Chinese State Hacker Group *

Researches Disclose 17 Malicious Frameworks Used to Attack Air-Gapped Networks *

Pakistani Threat Actor "SideCopy" Targeting Indian and Afghan Governments *

Malvertising Campaigns Distributing Backdoors and Malicious Chrome Extensions *

Threat Actors Distributing Android Banking Malware "BRATA" via SMS Phishing Campaign *

Researchers Disclose 14 New XS-Leaks Attacks on Well-known Web Browsers *

Finland's National Cyber Security Centre Warns of New Android Banking Malware Campaigns *

Threat Actors Employing RTF Template Injection Method in Phishing Campaigns *

Phishing Actors Actively Exploiting Users Via Omicron Themed Phishing Campaign *

Zoho Patches a Critical ManageEngine Bug Exploited in Wild *

Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats *

Scammer Sentenced for Stealing Millions of Dollars of Cryptocurrencies via SIM Hijacking *

Threat Actors Promoting a Malicious Android App to Steal Malaysian Bank Credentials, and MFA Codes *

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers *

New Malware "NginRAT" Actively Targeting E-commerce Servers *

Planned Parenthood LA Discloses Data Breach Post Ransomware Attack *

Threat Actors Spreading Emotet via Fake Adobe Windows App Installer Packages *

Four Android Banking Trojans Infected Over 300,000 Android Devices in 2021 *

Mozilla Patches a Critical Flaw in its Cross-platform Cryptography Library *

TrickBot Malware Authors Employing New Ways to Evade Detection *

Russian Threat Actors Employing Babadeda Crypter to Evade Detection *

Hardware Giant "HP" Patches 8-year-old Critical Flaws in its Multi-functional Printers *

Ohio-based DNA Testing Firm "DNA Diagnostics Center" Discloses Data Breach, Impacting 2.1 Million People *

'Sabbath' Ransomware Operators Target Critical Infrastructure in US and Canada *

North Korean Defectors and Journalists Targeted by a New Chinotto Malware *

Threat Actors Utilizing Compromised Google Cloud Instances to Mine Cryptocurrency *

Marine Services Provider "Swire Pacific Offshore" Suffers Ransomware Attack *

Threat Actors Hide New Linux Malware Payload in Cron Jobs to Steal Credit Card Data *

Stealthy Hacker Group "WIRTE" Targeting Governments in the Middle East *

Researchers Warn of Attacks Targeting Recently Patched Apache HTTP Server Vulnerability Exploited in Wild *

Japanese Multinational Conglomerate "Panasonic" Discloses Data Breach Post Network Hack *

Furniture Retail Giant IKEA Email Systems Hit by Ongoing Cyberattack *

Researchers Disclose New Zero-day Vulnerability in Windows 10 Mobile Device Management Service *

APT C-23 Hackers Targeting Target Middle East Users Using New Android Spyware Variant *

Researchers Uncover a New Stealthy JavaScript Malware Dropping Several Windows based RATs *

Iranian Threat Actors Exploiting Microsoft MSHTML RCE Flaw to Steal Google, Instagram Credentials *

Advanced Hacking Group Targeting Biomanufacturing Industries Via New Malware Variant *

Researchers Linked North Korean Attackers to Several Credential Theft Campaigns *

Malicious Python Libraries Steal Discord Tokens and Install Reverse Shells *

PHP Deserialize Bug in CloudLinux Imunity360 May Lead to Remote Code Execution *

"RedCurl," A Corporate Cyber Espionage Threat Group Strikes With New Hacking Tools *

Cisco Patches a High Severity Bug in its Cisco ASA and FTD Firewalls *

MediaTek Chips Bugs Affect 37% of All Smartphones and IoT Globally *

VMware Patches Multiple Vulnerabilities in its vCenter Server and Cloud Foundation *

Over 6 Million Sky Routers Vulnerable to Takeover Attacks for 17 months *

New Android Banking Malware ‘SharkBot’ Hitting Targets in U.S., UK and Italy *

North American Wind Turbine Giant "Vestas" Suffers a Data Breach *

Iran Airlines "Mahan Air" Hit By Cyber Attack *

Threat Actors Actively Exploiting New Windows Installer Zero-day Flaw *

US SEC Alerts Investors About Ongoing Impersonation Attacks *

Utah Medical Center Suffers Data Breach; 582k Patients Info Stolen *

Threat Actors Hacking Vulnerable Microsoft Exchange Servers to Hijack Internal Email Chains *

GoDaddy Suffers Data Breach Affecting 1.2 million Customers *

Android Malware BrazKing Back with New Stealthy Techniques *

Threat Actors Abusing Glitch Cloud Service to Host Short-lived Phishing Websites *

APT Group Exploiting FatPipe VPN Zero-Day Bug Since May 2021 *

Vulnerable eCommerce Sites Allow Hackers to Deploy a New Linux Backdoor *

Attackers Employing Domain Fronting Technique to Evade Malicious Traffic *

Attackers Distributing Emotet Malware in New Spam Campaigns *

Netgear Fixes Pre-Authentication Buffer Overflow Bug which Affects various Products *

New TikTok Phishing Attack Targeting Influencers’ Accounts *

Emotet Botnet Returns Using TrickBot Malware *

Microsoft Released Emergency Updates to Fix Windows Server Authentication Issues *

NPM Patched Private Package Names Leak and Serious Authorization Flaw *

New Release Google Chrome 96 Shatters Twitter and Discord Web Apps *

WordPress Sites are Targeted to Display Fake Ransomware Notes *

High Severity Flaws Discovered in BIOS Firmware Affects Various Intel Processors *

Hackers Actively Targeting Alibaba ECS Instances to Deploy Cryptojacking Malware *

Lazarus Attackers Targeting Security Researchers with Trojanized IDA Pro Application *

Attackers Hacked FBI Email Servers to Distribute Spam Campaign *

American Retail Giant 'Costco' Reveals Data Breach After Identifying Credit Card Skimmer *

A Zero-Day Flaw in the Windows User Profile Service Gets Free Unofficial Patch *

BotenaGo Malware Targeting Millions of Routers and IoT Devices with 33 Exploits *

TrickBot Hackers Abused Microsoft's App Installer in Spam Campaigns *

WP Reset PRO Plugin Enables Attackers to Hijack Websites *

Netflix, Instagram, and Twitter Users are Targeted by New Android Malware *

TeamTNT Cybercrime Group Actively Targeting Vulnerable Docker Servers *

German Medical Software Company Medatixx Hit by Ransomware Attack *

Palo Alto Addresses Multiple Vulnerabilities in PAN-OS *

Clop Ransomware Gang is now Exploiting SolarWinds Serv-U flaw in Attacks *

Zombie-themed Phishing Emails Infecting Users with MirCop Ransomware *

A New Variant of Mekotio Banking Trojan Spotted in the Wild *

Microsoft Patch Tuesday Security Advisory - November 2021 *

Microsoft Warned Admins to Patch Exchange Server Vulnerability *

Cisco Patches Hard Coded Credentials and Default SSH Key Issues in its Catalyst PON Switches *

Researchers Disclose a Critical RCE Vulnerability in Linux Kernel's TIPC Module *

Scammers Harvesting Microsoft O365, Google Logins Via Fake Proofpoint Emails *

Researchers Disclose Two Critical SQL Injection Flaws in Philips Healthcare Informatics Solution *

Prominent Stock Trading Platform "Robinhood" Suffers a Data Breach *

Electronics Giant "MediaMarkt" Hit by Hive Ransomware Attack *

Threat Actors Actively Targeting Patched Sitecore XP RCE Flaw *

Central Depository Services (India) Limited Discloses a Data Breach *

Babuk Ransomware Deployed via Microsoft Exchange ProxyShell Vulnerabilities *

New Android Rooting Malware "AbstractEmu" Takes Over Mobile Phones Via Root Access *

CISA Discloses a Catalog of Known Exploited Vulnerabilities for Multiple Products *

UK Labour Party Discloses a Data Breach Post Ransomware Attack *

Critical Flaw in Cisco Policy Suite's Hardcoded SSH Key Lets Remote Hackers Gain Root Access *

US Defense Contractor Electronic Warfare Associates (EWA) Suffers Data Breach *

Google Patches Actively Exploited Kernel Bugs in its Android November Patch *

Microsoft Suffers Outage, Blocks Access to Onedrive and Sharepoint Files *

Over 30,000 Unpatched GitLab Servers Vulnerable to Already Patched Critical RCE Flaw *

Over 1.6 Million Devices in China Infected by Pink Botnet *

Researchers Uncovered Multiple Critical Flaws in Pentaho Business Analytics Software *

Threat Actors Used Kaspersky's Stolen Amazon SES Token in Office 365 Phishing Campaigns *

Threat Actors Distributing Chaos Ransomware via Fake Minecraft 'alt list' Text Files *

Threat Actors Deploying Snake Infostealer Malware Via Phishing Emails *

Iranian Hackers Breach Israeli Web Hosting Provider"Cyberserve" *

Canadian Province Health Care System Hit by Cyberattack *

Researchers Disclose New Spook Ransomware Built on Prometheus Code Exposing All Victims *

Pirated Sports Streamer Hacked Major American Sports Leagues and Tried to Extort MLB for $150,000 *

Hive Ransomware Group Launches New Variants Capable of Encrypting Linux and FreeBSD Devices *

Israeli Internet Firm Hit By Ransomware Attack Led By Iranian Hackers *

UMass Memorial Health Care Center Suffers Data Breach *

Google Fixes the Flaw Causing Chromebooks Failing to Enroll Devices *

Google Patches Two Zero-Day Bugs in Chrome Browser *

macOS Flaw Allow Hackers to Deploy Rootkits *

WordPress's OptinMonster Plugin Flaw Allow to Hijack Sites *

Threat Actors Targeting YouTubers’ in Phishing Campaigns *

Cybercriminals Delivering Ransomware via Malicious NPM Packages *

Apple Fixed 22 Security Flaws in iOS and iPadOS Devices *

Iranian Gas Station Hit by a Cyberattack *

Hackers Employing a New Squirrelwaffle Malware In Spam Email Campaigns *

Attackers Used a New Yanluowang Ransomware in Targeted Attacks *

Russian Attackers Delivering Malicious Documents in Phishing Campaign *

WordPress Plugin Flaw can Lead to Complete Takeover of Vulnerable Sites *

South Korea's Telecommunications Firm 'KT Corporation' Suffers Nationwide Outage *

CISA Advised to Fix Critical Flaw in Discourse Software *

Attacker Hijacked NPM Library to Compromise Windows and Linux Devices *

macOS Malware Utilizes New Evasion Techniques *

New PurpleFox Backdoor Uses WebSockets for C2 Communication *

SCUF Gaming International Suffers Data Breach: 32,000 Customers Affected *

Attackers Distributing Malware Through Korean Webhard and Torrent Websites *

New Threat Group Targeting South Asian Organizations Using Custom Malware *

Chinese Attackers Exploited Windows Zero-Day Vulnerability in Cyberattacks *

FBI Alerts on Fake Govt Sites Used to Steal Sensitive Information *

Telecommunications Company 'Sinclair Broadcast Group' Hit by Ransomware Attack *

The University of Sunderland Hit by Cyberattack *

Olympus US Systems Hit by Cyberattack *

Ecuador's Largest Bank 'Banco Pichincha' Hit by Cyberattack *

Microsoft Fixed Compatibility Issues in Windows 11 KB5006674 Cumulative Update *

Attackers Using Math Symbols in Phishing Campaigns *

Microsoft Azure's Customer Hit by Largest DDoS Attack *

Microsoft Patch Tuesday Security Advisory - October 2021 *

Apple Fixes a Zero-day Flaw in an Emergency iOS 15.0.2 Update *

Google Fixes Four High-Severity Flaws in its Chrome Browser *

American Pacific City Bank Hit by AvosLocker Ransomware Attack *

Threat Actors Targeting Linux Devices Using New FontOnLake Rootkit *

Ransomware Group FIN12 Aggressively Attacking Healthcare Sectors *

Cox Media Group Discloses a Data Breach Post Ransomware Attack *

Threat Actors Impersonating "QuickBooks" in Ongoing Phishing Campaigns *

Global Brewery Firm BrewDog Exposes 200,000 Customers Sensitive Information *

Researchers Disclose New Android Malware Infecting Android Mobiles *

Telecommunication Firm 'Syniverse' Discloses a Database Breach *

Microsoft Patched Flaw Prevent Security Updates for Azure Virtual Desktops *

Apache Emergency Update Patched Incomplete Fix for Actively Exploited Bug *

Researchers Disclose UEFI Bootkit Exploiting Windows Systems Since 2012 *

Live Streaming Platform 'Twitch' Suffers Massive Data Leak *

APT Group "ChamelGang" Targeting Fuel, Energy, and Aviation Industries *

Researchers Disclose Multiple Critical Flaws in Honeywell Experion PKS and ACE Controllers *

Apache Patches a Zero-Day Vulnerability in its Web Server *

The Telegraph Suffers Massive Data Breach;10 TB Database Leaked *

Researchers Link Disparate Malware Attacks to Chinese Cyber-espionage Group *

Unknown Ransomware Gang Encrypting VMware ESXi Servers Using Python Script *

Industry Publication Giant Sandhills Global Hit by a Ransomware Attack *

Misconfigured Apache Airflow Servers Leak Credentials *

New Atom Silo Ransomware Group Targeting Unpatched Confluence Servers *

An Unpatched Flaw Enables Contactless Payments From Locked iPhones *

Threat Actors Targeting Commerzbank Customers Via New Malware Campaign *

Hackers Steal Cryptocurrency from Coinbase Customers Using MFA Flaw *

Threat Actor Group "GhostEmperor" Backdooring Windows 10 Systems Using a Rootkit *

WhatsApp, Instagram and Facebook Suffers Massive Outage Due to a Configuration Error *

Google Fixes Two Zero-Day Flaws in its Chrome Browser *

Hackers Spreading Flubot Android malware Via Fake Security Updates *

QNAP Patches 3 High-severity Stored Cross-site Scripting (XSS) Flaws Affecting NAS Devices *

MoneyLion Discloses a Data Breach Post Credential Stuffing Attacks *

Neiman Marcus Discloses a Massive Data Breach; 4.3 million Users Affected *

Fake Amnesty International Pegasus Antivirus Affects Windows Systems *

JVCKenwood Hit by CONTI Ransomware Attack *

Threat Actors Hijack Windows Boot Manager With UEFI Bootkit *

Microsoft Warns of Cyber Attacks Targeting Active Directory FS Servers *

Hackers Draining Brazil's PIX Payment System Users' Bank Accounts *

Researchers Linked New Tomiris Backdoor to Hackers Behind SolarWinds Cyberattack *

Giant Trucking Company "Forward Air" Suffers Data Breach *

Microsoft Suffers MFA Outage; Access to Microsoft 365 Services Blocked *

Threat Actors Distributing a New Jupyter Malware Version Via MSI Installers *

Threat Actors Stealing Financial Data from 378 Banking and Wallet Apps Via "ERMAC" Malware *

Multiple Cyberattack Campaigns Abusing Atlassian Confluence RCE Flaw *

Colossus Ransomware Hits Prominent Automobile Company in the USA *

Twitter Web Client Suffers Worldwide Outage *

Threat Actor Targets Indian Government With Commercial RATs Via Operation Armor Piercer Campaign *

QNAP Patches Two Critical Flaws in its QVR Software *

Prominent Communications Provider "Bandwidth.com" Hit By a DDoS Attack *

New Malware 'BloodyStealer' Targeting Popular Gaming Platforms *

Google Fixes High-Severity Zero-Day Flaw in its Chrome Browser *

Researcher Discloses Exploit Codes for 4 iOS Zero-Day Flaws on GitHub *

Microsoft Warns Organizations About a Wide-Scale Phishing-as-a-Service Operation *

Colombian Real Estate Firm "Coninsa Ramon" Suffers Data Breach *

Scammers Targeting US, Canada Users Via New Android Malware *

SonicWall Patches a Critical Vulnerability in its SMA 100 Series Products *

Threat Actors Deploying Web Shells Via Nagios RCE Vulnerabilities *

Researchers Disclose a Remote Code Execution Flaw in AWS WorkSpaces *

Netgear Patches a Remote Code Execution Vulnerability in its Routers *

Threat Actors Employing BitRAT to Target South American Organizations via Spam Campaigns *

Cisco Patches Three Critical Flaws in its IOS XR Software *

Apple Patches a Zero-day Flaw Used to Hack iPhones and Macs *

Threat actor Group "FamousSparrow" Breaching Hotels Worldwide Via ProxyLogon Exploits *

Cyber Criminals Deploying Rootkit Via a New Bug in Microsoft Windows *

Threat Actors Targeting Organizations in Latin America Via a New Banking Trojan *

Threat Actors Employing New Malware Campaigns to Mine Cryptocurrency *

Cring Ransomware Group Actively Exploiting Decade-Old Patched ColdFusion Vulnerabilities *

Microsoft Exchange's Autodiscover Flaw Leaks 100K Windows Credentials *

Russian Threat Actors Deploying TinyTurla Malware as Secondary Stage Backdoor *

VMware Fixed Critical Arbitrary File Upload Vulnerability in its vCenter Server *

Researchers Disclosed a New Zero-Day Vulnerability in macOS Finder *

Republican Governors Association's Server Breached Via Microsoft Exchange Cyberattack *

US Farmer Cooperative Suffered a BlackMatter Ransomware Attack *

Over 1.4 Million COVID-19 Test Results From Multiple Hospitals Exposed in Paris *

Scammers Sending Spam Emails to Promote Elon Musk-themed Cryptocurrency Scam *

VoIP.ms Hit By a DDoS Attack; Multiple Services Impacted *

AMD Patches An Information Disclosure Flaw in its Chipset Driver *

Prominent Integration Service Provider, Travis CI Patches a Critical Security Flaw *

Researchers Uncovered Phishing Campaign "Operation Layover" Targeting Aviation Industry *

Threat Actors Deploying New Malware to Compromise Windows Subsystem for Linux Environment *

Tamil Nadu Public Department Hit by Ransomware Attack *

Netgear Patches Third Critical Bug in its Smart Switches *

Microsoft Patches a Critical Flaw in Open Management Infrastructure Affecting Azure Cloud Services *

Adobe Patches 36 Critical Vulnerabilities in its Products *

Threat Actors Impersonate US Department of Transportation to Steal Microsoft Credentials *

South Africa's Justice Ministry Suffers Ransomware Attack *

Microsoft Warns of Information Leakage Vulnerability in Azure Container Instances *

Cyber Criminals Deploying New Linux Cobalt Strike Beacons in Ongoing Cyber Attacks *

Nitro Software Patches a Remote Code Execution Flaw in its Nitro Pro PDF *

Threat Actors Spreading New ZLoader Malware Through Fake TeamViewer Installer *

Millions of Computers Affected by HP Omen's Privilege Escalation Bug *

Microsoft Patch Tuesday Security Advisory - September 2021 *

Telecommunications Provider "MyRepublic" Suffers Data Breach *

New Android Banking Trojan Dubbed "S.O.V.A" Emerges With Growing Capabilities *

TeamTNT Hacking Group Stealing Credentials Using New Open-Source Tools *

Apple Patches Zero-click iPhone Exploit Deploying Pegasus Spyware *

Google Patches 2 Zero-day Flaws in its Chrome Browser *

“FudCo” Spam Empire Linked to Pakistan-based Software Firm *

Howard University Suffers Ransomware Attack Leading to Network Shutdown *

Threat Actors Targeting Kurdish Ethnic Group Via Mobile Spyware Attacks *

New Windows 0-Day Attack Targeting Users Via Weaponized Office Documents *

Meris Botnet Launches a 22 Million RPS DDoS Attack *

Cisco Patches Multiple High-Severity Flaws in its IOS XR Software *

Threat Actors Leaked 500,000 Fortinet VPN Credentials On Hacking Forum *

Zoho Patches Critical Vulnerability in its ManageEngine ADSelfService Plus Solution *

Critical Flaw in HAProxy Result in HTTP Request Smuggling Attack *

FIN7 Group Deploying Backdoor Via Windows 11 Alpha-themed Word Documents *

Ribbonsoft’s dxflib Library Flaw Allow Attackers to Remotely Execute Commands *

New Malware Family Leverages CLFS Log Files to Evade Detection *

Threat Actors Hacked Jenkins Project's Confluence Server to Install Monero Miners *

NPM, Package Manager Patches a Critical Bug in the Package Pac-Resolver *

Microsoft Links SolarWinds Serv-U SSH Zero-Day Attack to Chinese Hackers *

Netgear Patches High Severity Bugs in its Smart Switches *

Threat Actors Exploiting Confluence Bug to Install Cryptocurrency Miners *

Billions of Bluetooth Devices From Multiple Vendors Remain Highly Vulnerable to BrakTooth Flaws *

Dallas Public School Suffers Data Breach *

Canada Immigration Accepts Additional 7,300 Applications in TR to PR Program Due to a Technical Bug *

Cisco Patches Critical Authentication Bypass Flaw in NFV Infrastructure Software (NFVIS) *

Over 60,000 Parked Domains Were Vulnerable to Domain Hijacking Attacks *

Autodesk Targeted By SolarWinds Hackers Via Sunburst Backdoor *

LockFile Ransomware Bypassing Protection Via Intermittent File Encryption *

Microsoft Exchange ProxyToken Flaw Allow Attackers to Access User Email Messages *

Multiple Vulnerabilities Identified in Fortress S03 Wi-Fi Home Security Systems *

Threat Actors Selling a GPU Based Malware Via Hacker Forums *

Annke Patches a Stack-based Buffer Overflow Flaw in its Video Surveillance Product *

Synology Discloses Open SSL Vulnerabilities Impacting its NAS Devices *

Attackers Abusing Proxyware Applications to Monetize Malware Campaigns *

QNAP Discloses OpenSSL Flaws Impacting its NAS Devices *

New York Credit Union Discloses An Insider Threat; 21GB of Sensitive Data Destroyed *

Google App Bug Restrict Users To Make & Receive Calls *

Attackers Distributing Phishing Mails Using Open Redirect Links *

Researchers Warn Users About Four Emerging Ransomware Groups *

FIN8 Threat Group Targeting Financial Institutions Using Sardonic Backdoor *

U.S. Based Computer Retail Company Targeted by New SideWalk Backdoor *

Critical F5 BIG-IP Vulnerability Affects Customers in Sensitive Sectors *

VMware Fixes Four High Severity Flaws in vRealize Operations Manager API *

Microsoft Power App Leaks 38 Million Sensitive Data Records Via Misconfigured Tables *

Threat Actors Actively Exploiting 15 Vulnerabilities to Hack Linux Systems *

Microsoft Warns Customers of Azure Critical Cosmos DB Vulnerability *

Cisco Patched a Critical Flaw in its APIC Software *

Boston Public Library Suffers System Wide Outage *

Cyber Criminals Deploying BazaLoader Malware via Fake DDoS Notifications *

Emsisoft Releases Free Decryptor for SynAck Ransomware Victims *

Compromised WhatsApp Mod Distributing Malicious Payloads Via Supply Chain Attack *

Threat Actors Discreetly Marketing ShadowPad Malware Among Chinese Espionage Groups *

NSO Group Deploying Pegasus Spyware Via New Zero-click iPhone Exploit *

OpenSSL Vulnerabilities May Be Exploited For Multiple Cyber Attacks *

ACROS Security Releases a Micro Patch to Address PetitPotam Flaw *

Mozi, an IoT Botnet Targets Network Gateways and IoT Devices *

Threat Actors Actively Exploiting Newly Disclosed Realtek SDK Vulnerabilities in the Wild *

AT&T Denies Data Breach Post Attacker Auctions 70 Million User Database *

Google Discloses Information of Unpatched Windows AppContainer Vulnerability *

Cloudflare Thwarts the Largest DDOS Attack Ever Recorded *

Microsoft Exchange Servers Under Attack By New LockFile Ransomware *

SAC Wireless, A Nokia Subsidiary Discloses Data Breach Post Conti Ransomware Attack *

Phishing Campaign Used a XSS Flaw in UPS Website to Distribute Malware *

Vulnerable Microsoft Exchange Servers Under Attack Via ProxyShell Vulnerabilities *

Attackers Hacked US Census Bureau Servers Using Citrix Vulnerability *

Critical Vulnerability Discovered in the Universal Plug-and-Play (UPnP) Service of Multiple Cisco Routers *

BadAlloc Flaw Affects BlackBerry's QNX Real-Time Operating System (RTOS) *

Chase Bank Suffers Data Leak Via Technical Glitch *

Data Exfiltration Attacks Can Bypass Cisco Safety Products *

Ransomware Attacks Hit Maine's Rural Sewage Treatment Plants *

Memorial Health System, Florida Suffers Ransomware Attack *

Attackers Targeting Multiple Users in Mexico via Neurevt Trojan *

Adobe Patches Critical Photoshop Security Flaws *

Critical Flaw in ThroughTek's Point-to-Point (P2P) SDKs Impacting Million IoT Devices *

Fortinet Delays Patching a Zero-day Bug in its Web Application Firewall (WAF) *

Multiple Realtek Related Flaws Affecting its Wi-Fi SDKs; Impacting Nearly a Million IoT Devices *

Tokio Marine's Singapore Branch Suffers Ransomware Attack *

Threat Actors Selling Ficker Info Stealer Malware as a Malware-as-a-Service (MaaS) *

Iranian Government-linked Hacker Groups Conducting Cyber Espionage Activities in Israel *

Attackers Use 'CAPTCHA' Images to Trick Users into Bypassing Browser Warnings *

Brazilian National Treasury Suffers Ransomware Attack *

Threat Actors may use Middleboxes Related Flaws for TCP Reflected Amplification *

Threat Actors Distributing WarzoneRAT via Compromised WordPress Sites *

TA505 Threat Group Installing ServHelper RAT Using New Techniques *

Multiple STARTTLS Related Bugs Found in Popular Email Clients *

Trend Micro Addresses Wild Zero-Day Vulnerabilities *

T-Mobile Suffers Massive Data Breach; 100 Million Customers Data Stolen *

The Infamous AlphaBay Darknet Market Has Reopened for Business *

Microsoft Spotted Hackers Using Morse Code in Phishing Campaigns to Evade Detection *

Threat Actors Employing CAPTCHA Protected Phishing Campaigns *

Scammers Impersonating FINRA in an Ongoing Phishing Campaign *

Multiple Flaws in Wodify Fitness Platform Allow Hackers to Take Control *

New AdLoad Malware Variant Escapes through Apple's XProtect Defence *

Ford Flaw Exposed Sensitive Information from Internal Systems *

Attackers Can Now Spy On DNS Traffic via Bugs in Managed DNS Services *

Intel Releases Patches for High-Severity Flaws in NUC 9 Extreme Laptops, Ethernet Linux Drivers *

Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising *

One Million Stolen Credit Cards Data Leaked on Carding Marketplace *

Gigabyte Suffers RansomEXX Ransomware Attack *

Microsoft Confirms another Zero-Day Bug in Windows Print Spooler *

Accenture Hit by LockBit Ransomware Attack *

Attackers Stole Cryptocurrency worth of $600 Million *

Researchers Revealed eCh0raix Ransomware Targeting Both NAP and Synology NAS Devices *

Microsoft Patch Tuesday Security Advisory - August 2021 *

Adobe Patched Several Critical Vulnerabilities in its Products *

Russian Federal Executive Authorities Targeted by Chinese Threat Actors *

Chinese Threat Actors Targeting Prominent Southeast Asian Telecom Firms *

Joplin City Suffers from Ransomware Attack *

FatalRAT Trojan Exploiting Telegram *

New FlyTrap Malware Compromises Thousands of Facebook Accounts *

New Chinese Spyware Used in Widespread of Cyber Espionage Attacks *

VMware Patches Security Vulnerabilities in Workspace ONE Access and Identity Manager *

INFRA:HALT Flaws Affect Embedded TCP/IP Stack Widely Used in OT Devices *

Cisco: Firewall Manager RCE Flaw is a Zero-day, Patch Incoming *

Go & Rust Languages Affected by Critical IP Address Validation Flaw in "net" Library *

New York City Public School's Info Leaked; Officials Confirm *

Threat Actors are Actively Exploiting Vulnerable Home Routers *

Solarmarker Malware Targeting Healthcare and Education Sectors *

Attacker Scanning Microsoft Exchange Servers for ProxyShell Vulnerability *

New APT Threat Group Targeting Microsoft IIS Servers *

Google Fixed Several High-Severity Security Flaws in Android OS *

Linux Variant of BlackMatter Ransomware Encrypting VMware ESXi Machines *

New Android Malware Vultur Abuses Accessibility Services *

Energy Group ERG Reports Minor Interruptions Post Ransomware Attack *

Google Patches Several Chrome Vulnerabilities *

New Cobalt Strike DoS Vulnerability Allows Takedown of Attackers’ Servers *

Advanced Technology Ventures Discloses a Data Breach Attack *

Cisco Patches Pre-Auth Security Flaws in its VPN Routers *

Romania Cryptojacking Attackers Targeting Linux Devices *

Multiple TransLogic Firmware Vulnerabilities Discovered; Major Impact on North America Hospitals *

Italy's Lazio Region Suffers Ransomware Attack *

New Meteor Malware Used in Iranian Railway Attack *

Multiple Vulnerabilities Patched in WordPress Download Manager *

Node.js Patched Severe HTTP Vulnerability *

Russians Attackers Compromised Federal Prosecutors Email Accounts *

New Vulnerabilities could let Attackers to Compromise Zimbra Server via Email *

Researchers Discovered New Haron Ransomware Gang *

A New .Stolen Ransomware Deleting Disc Shadow Copies Post Encrypting Disc Drives *

LockBit 2.0 Ransomware Uses Group Policies to Encrypt Windows Domains *

Attackers Compromised Chipotle’s Marketing Account to Deliver Phishing Emails *

Multiple Flaws Discovered in 3 Open-Source Software *

DarkSide Ransomware Gang Returns as New BlackMatter Ransomware *

Attackers Installing PlugX Malware Variant on Compromised MS Exchange Servers *

Northern Ireland Suspends COVID Certificate Service Post Data Breach *

Attackers Posed as Aerobics Instructors to Target Employees *

APT Attackers Distributed Android Trojan via Syrian E-Government Portal *

UC San Diego Health Suffers Data Breach Post Phishing Attack *

Oracle Fixes Critical Flaws in its Products *

LemonDuck Malware Targeting Windows and Linux Systems *

Signal Patches a Critical Flaw in its Android Versions *

Apple Patches a Zero-day Flaw Exploited in the Wild *

XCSSET MacOS Malware Targets Telegram Accounts and Google Chrome Data *

Researchers Disclose 3 Zero-day Flaws in Kaseya Unitrends Backup Solution *

Kaseya Gets Universal Decryptor Tool to Help Victims *

Critical Security Flaws Reported in Etherpad *

Law Firm Campbell Conroy & O'Neil Suffered Ransomware Attack *

Malicious NPM Package Steals Chrome Passwords on Windows via Recovery Tool *

Federal Agencies Say China Breached Dozens of Pipeline Companies between 2011 and 2013 *

Akamai Suffers DNS Outage; Prominent Websites and Online Services Across the Globe Impacted *

Dell Patches 3 Critical Vulnerabilities in OpenManage Enterprise Service *

Atlassian Patches Critical Vulnerability in its Jira Data Center and Jira Service Management Data Center Products *

Ecuador's State-run CNT Telco Suffers Ransomware Attack *

Juniper Fixed Multiple Flaws in its Products *

Attackers Distributing Remcos RAT via Visual Basic *

Microsoft Seizes Homoglyph Domains used in BEC Campaign *

Saudi Aramco Suffers Data Breach; 1 TB Stolen Data for Sale *

16-Year-Old Bug Impacts Millions of HP, Samsung, Xerox Printers *

Bug discovered in Fortinet lets Attackers to run Code as Root *

WIFIDemon Leading to Remote Code Execution Attacks on iOS Devices *

Magecart Attackers Using Unique Techniques to Avoid Detection *

Cisco Patches High Severity Flaw in its ASA & FTD Software Versions *

Pegasus Spyware Infecting Prominent Personnel's Mobile Devices Across the Globe *

WildPressure APT Targeting Windows and macOS Systems via New Malware Variant *

Google Patches Zero-Day Vulnerability in its Chrome Browser *

D-Link Fixes Multiple Security Bugs in its DIR-3040 Router Version v1.13B03 *

Scammers Target Comparis Group Users Post Ransomware Attack *

Multiple Vulnerabilities in NuGet Packages Affect .NET Platform *

Microsoft Patched Windows Hello Authentication Bypass Vulnerability *

Recent ZLoader Malware Attacks Adopt New Macro-Related Delivery Method *

Sage X3 Patched Multiple Security Flaws in its Enterprise Resource Planning (ERP) Product *

Attackers Spreading BazarBackdoor Malware via Nested RAR and ZIP Archives *

SonicWall Warns of Imminent Ransomware Attacks Targeting SMA 100 & SRA VPN Appliances *

VMware Fixed Flaws In ESXi and ThinApp Applications *

Chinese Hackers Utilizing SolarWinds Zero-Day to Target US Defense Companies *

New BIOPASS RAT Live Stream Victim's Computer Screen *

Kaspersky Password Manager Generated Passwords used in Brute Force Attacks *

Adobe Patch Tuesday Security Advisory - July 2021 *

Microsoft Patch Tuesday Security Advisory - July 2021 *

Kaseya Fixed Multiple VSA Bugs Exploited in REvil Ransomware Attack *

Flaws in Cisco BPA and WSA could lead to Privilege Escalation Attacks *

Mitsubishi Electric Fixed Bugs in Air Conditioner Control Systems *

Fashion Retailer Guess Suffers Data Breach Post Ransomware Attack *

SolarWinds Patches a Zero-day Flaw Exploited in the Wild *

Insurance Firm CNA Suffers Data Breach After Ransomware Attack *

Mint Mobile Suffers Data Breach; Hackers Port Victims Phone Numbers *

Morgan Stanley Reports Data Breach After Vendor Reports Accellion Hack *

Nobelium Hacking Group Reportedly Accessed Microsoft's Customers Support Tools *

Crypto Mining Scams Targeting Victims via Fraudulent Android Apps *

Malspam Campaign Deploying Cobalt Strike Payloads Posing as Kaseya VSA Security Update *

Microsoft Addresses Critical Edge Bug Leading to UXSS Attacks *

CISA Discloses 15 Vulnerabilities Affecting Philips Vue Healthcare Products *

Pro-Trump Social Media Site "GETTR" Suffers Data Breach *

QNAP Patches Critical Flaw in NAS Backup and Disaster Recovery Solution *

Insurance Giant AJG Reports Data Breach post a Ransomware Attack *

Threat Actor Group Wizard Spider Linked to a New Ransomware 'Diavol' *

NETGEAR Patches 3 Critical Bugs in DGN-2200v1 Series Routers *

Microsoft Urges Azure Users to Update their PowerShell Tool *

Threat Actors Hacked Mongolian Certificate Authority to Deploy Backdoors *

Threat Actors Targeting Unpatched Cisco ASA Devices Aggressively Post the PoC Release *

Kaseya Suffers Massive Ransomware Attack; Hundreds of Companies around the Globe Affected *

Retail Giant Coop Shuts Down 500 Stores Post Kaseya Ransomware Attack *

Microsoft Releases Emergency Patch for Windows Zero-day PrintNightmare Vulnerability *

Attackers Target Microsoft's Halo Development Servers via Dependency Hijacking *

Law Enforcement Officials Seize DoubleVPN Service's Servers *

WD Storage Devices Vulnerable to Ongoing Cyber-Attacks *

LinkedIn Suffers Data Breach, 700 Million Users Data Exposed *

DarkRadiation Ransomware Gang Targeting Linux & Docker Instances *

Threat Actors using WIM Files to Bypass Security Solutions via Phishing Emails *

Microsoft Signs a Rootkit Malware Disguised as Windows Driver *

Unpatched Flaws in PlingStore Apps may Lead to Supply-Chain Attacks *

Scammers Impersonating FINRA Support in a New Phishing Campaign *

Fortinet Patches 2 Vulnerabilities in its Web Application Firewall (WAF) *

High Severity Flaws Found in Vulnerable NVIDIA Jetson Chipsets *

Spam Campaign Hides "handwritten" Links in Tinder Profile Images *

Pakistan Hackers are Targeting Indian Power Company with ReverseRat *

Mercedes-Benz Suffers Data Breach *

Multiple Bugs in Dell SupportAssist; Impacts 30 Million PCs *

Researchers Discovered Security Vulnerability in 2G Mobile Data Encryption Standard *

Conti Ransomware Gang Leaked Tulsa City's Police Citation Documents *

Covid-19 tracking app ‘MassNotify’ Auto-installed on Massachusetts Android Phones *

VMware Fixed Critical Vulnerability in Carbon Black App Control *

A Partially Fixed Bug in SonicWall Affecting 800K Firewalls *

Vulnerabilities in Open Design Alliance's SDK Impacting Multiple Vendors *

Nuclear Research Agency of South Korea was Hacked Using VPN Flaw *

Multiple Vulnerabilities Discovered in Schneider PowerLogic Devices *

Zephyr RTOS Patched Multiple Bugs in its Bluetooth LE Stack *

Healthcare Giant Grupo Fleury Suffers Ransomware Attack *

Palo Alto Networks Fixed Critical Vulnerability in Cortex XSOAR *

Microsoft Patched High-Pitched Noise Bug in Windows 10 *

Threat Actors are Sending Fake Extortion Emails by Impersonating DarkSide Gang *

Supermarket Chain Wegmans Suffers Data Breach *

Andariel Hacking Group Targeted South Korean Industries with New Malware Campaign *

Poland Officials Targeted in Russian Cyber Attacks *

Russian Consumer Watchdog Bans VyprVPN & Opera VPN Services *

Gelsemium Hackers Target NoxPlayer with Supply Chain Attack *

Reproductive Biology Associates Clinic Suffers Ransomware Attack *

Critical Flaw in ThroughTek Allows Millions of Cameras to Spy *

Newly Discovered iPhone Bug can Disable iPhone's Wi-Fi Functionality *

Researchers Warn of SolarMarker Malware Deployed via SEO Poisoning *

Attackers Bypass Office 365 MFA in BEC Attacks *

Attackers can Access Victim Information via Vulnerability found in Microsoft Power Apps *

Instagram Bug Allows Attacker to View Private Accounts Details of the User *

Propane Service Provider AmeriGas Discloses Data Breach *

Cake Box Suffers Data Breach; Credit Card Numbers of Customers Exposed *

Clop Ransomware Gang Suspects are Arrested in Ukraine *

Google Patched Zero-Day Bug in Chrome Web Browser *

Scammers are Sending Fake Ledger Devices to Steal Cryptocurrency *

Thousands of VMWare vCenter Servers are Still Vulnerable to Remote Code Execution Attacks *

Apple has Fixed 2 Zero-Day Flaws in iOS Devices *

Hackers can Spy on Samsung Mobile Users using Pre-installed Applications *

Interpol Removed Multiple Fake Online Pharmaceutical Websites *

Spain's Ministry of Labor and Social Economy Suffers Cyberattack *

Avaddon Ransomware Group Shuts Down *

Food Supply Giant Edward Don Shuts Down Temporarily Due to Ransomware Attack *

7-Year-Old Privilege Escalation Polkit Flaw Affecting Linux Devices *

McDonald's Discloses Data Breach; Customers and Employee Information Exposed *

Audi and Volkswagen Suffers Data Breach; 3.3 Million Customers Affected *

Food Giant JBS Pays $11 million to REvil Ransomware Group *

Famous Video Game Company Electronic Arts Suffers Data Breach *

WAGO Controller Flaws Could Lead to Industrial Process Disruptions *

Stolen Login Credential Marketplace Slilpp is Seized by Law Enforcement *

Fastly CDN Outage Impacted Multiple Websites *

Latest Necro Python Malware has New Exploits and Crypto Mining Capabilities *

Phishing Campaign Targets U.S. Financial Industry Regulatory Authority (FINRA) *

Memory & Storage Manufacturing Giant ADATA Suffers Ransomware Attack *

Microsoft Patched Vulnerability In MSGraph Component *

PuzzleMaker Threat Actors Targeting Windows 10 Systems using Chrome Zero-days *

STUN Servers Abused for DDoS Attacks *

New Siloscape Malware Targets Windows Containers to Access Vulnerable Kubernetes Clusters *

Attackers are Actively Targeting Vulnerable VMware vCenter Servers *

Google Fixed Multiple Critical Bugs In Latest Android Security Updates *

Adobe Patches 41 Vulnerabilities in 10 Products *

Intel Fixes 73 Security Vulnerabilities *

Microsoft Patch Tuesday Security Advisory - June 2021 *

EvilCorp Cybercrime Gang Mimics PayloadBIN to Evade US Sanctions *

US Truck Manufacturer Navistar Discloses Data Breach *

Cisco Patches High-Risk Security Flaws in its Multiple Products *

Open Source Application "Have I Been Pwned" Used to Expose Stolen Credentials *

Nantucket Steamship Authority Suffers Ransomware Attack *

Researchers Disclosed Critical Bug In Realtek Wi-Fi Module *

Threat Actors Deploying SkinnyBoy Malware using Malicious MS Word Documents *

Threat Actors Bypassing Ransomware Defense in Antivirus Solutions via Whitelisted Applications *

Huawei Fixed Privilege Escalation Bug in its USB LTE Dongle *

FUJIFILM Suffers Ransomware Attack *

North Korean Hacking Operation Targeting South Korea Government Units *

Multiple Products from Cisco, Akamai & Linux affected by Vulnerability in Lasso Library *

Multiple Vulnerabilities Reported in Industrial Switches from Several Vendors *

Swedish Health Agency Shuts Down SmiNet's Database after Multiple Intrusion Attempts *

Attackers Exploiting Critical Zero-day Flaw in WordPress Plugin *

Researchers Disclosed Two New Attack Techniques which Modifies Certified PDF Document Content *

New Phishing Campaign Targeting Walmart Users Discovered *

Two Domains Used In Nobelium Phishing Campaign Seized *

Food Giant JBS Shuts down Temporarily due to Cyberattack *

BazaLoader Campaign Spreading Phishing Emails to Compromise Users Windows System *

FBI Reports Attackers are Exploiting Unpatched Fortinet Devices *

Researchers Warn of Facefish Backdoor Infecting Linux Devices *

New VSCode Extensions Bugs may Lead To Supply Chain Attacks *

Siemens Patches a High-severity Memory Protection Bypass in its PLCs *

Canada Post Reports Data Breach Post Supplier Ransomware Attack *

Threat Actors Distributing Trojanized AnyDesk Installer via Malvertising Campaign *

SolarWinds Hackers Deploying New 'NativeZone' Backdoor via a New Supply Chain Attack *

Klarna Mobile Application's Technical Bug Leaking Users Data *

New Epsilon Red Ransomware Abusing Unpatched Microsoft Exchange Servers *

Threat Actors Actively Exploiting a Command Injection Flaw in SonicWall's NSM On-Premises Products *

TPG Shutdown the Legacy TrustedCloud Service Post Data Breach *

Threat Actors Deploying Data Wiper Malware Disguised as Ransomware *

Checkbox Survey Patches Arbitrary Code Execution Flaw Being Exploited in the Wild *

Attackers Impersonating Devices via Newly Disclosed Bluetooth Bugs *

HPE Patches Critical Zero-day Flaw in Systems Insight Manager (SIM) *

Office 365 Bug Sending Exchange Online, Outlook Emails to Junk Folder *

Malware Attack Knocks out Siegfried Group’s Network *

Multiple Japanese Agencies Suffer Data Breaches in a Supply Chain Attack *

Hackers Sent Racist Registration Emails Pretending to be from Walmart *

Zeppelin Ransomware Back in Operation with an Updated Malware *

Apple Patches a Zero-day Flaw in TCC Framework *

Japan’s Omiai Dating App Data Breach; Over 2 Million Users Data Exposed *

VMware Patches Critical Remote Code Execution Flaw in vCenter *

CryptoCore Campaign Hacking Cryptocurrency Exchanges Globally *

Scheme Flooding Vulnerability Enables Hackers in Identifying Users *

Florida Water Treatment Plant Suffered a Cyber Incident Prior to the Poisoning Attack *

Ivanti Addresses a High-Severity Vulnerability in Pulse Connect Secure VPN *

Electronic Giant Bose Reports Data Breach Post Ransomware Attack *

Trend Micro Patches 3 Vulnerabilities in Home Network Security Devices *

Threat Actor Behind Infamous UPMC Breach Gets Verdict; Faces 7 Years in Prison *

Apple Patches 3 Zero-days Affecting macOS & tvOS Devices *

Microsoft Releases a Simulated Tool for Attack Scenarios *

23 Misconfigured Android Applications Leaking Users Personal Data *

Google Fixes Chrome Browser Crash on Windows 10 and Linux Platforms *

Google Patches Heap-based Buffer Overflow Vulnerability in Chrome *

CNA Financial Paid $40 Million Ransom to Evil Corporation *

FBI Warns Organizations about Conti Ransomware *

E-commerce Giant Mercari Suffers Massive Data Breach in Codecov Incident *

QNAP Warns Organizations about Qlocker Ransomware Impacting Vulnerable HBS Devices *

Stolen Dominos India Data Up for Sale on Dark Web *

Air India Hacked; 4.5 Million Passengers Information Leaked *

Android Releases Patches for 4 New Zero-day Vulnerabilities *

New Malware Campaign Delivers Fake Ransomware *

Slack Messaging Application Suffers Massive Outage *

Over 600,000 WordPress Sites Impacted by a Vulnerability in WP Statistics Plugin *

Magecart Hackers Deploying PHP-based Backdoor via Website Favicons *

New Banking Trojan Bizzaro Targeting European and South American Banks *

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks *

FBI Warns of a Spear Phishing Campaign Delivering Advanced Malware *

Student Insurance Provider Guard[.]me Suffers a Data Breach *

Insurance Giant AXA Hit by Ransomware Attack *

Threat Actors Deploying Lizar Malware under the Disguise of Ethical Hacking Tool *

APT36 Group Mimicking Legitimate Indian Military and Defense Organizations *

Monday[.]com Source Code Accessed by Codecov Hackers *

Toshiba's Subsidiary Unit Struck by DarkSide Ransomware Group *

Cisco Patches a Zero-day Bug in Cisco AnyConnect Client *

Rapid7 Source Code Accessed in Codecov Supply-chain Attack *

AMD Patches Two Flaws Bypassing AMD's SEV Protection System *

Snip3 Crypter Service Deploying Multiple RAT Variants *

Hackers Delivering Malware via Microsoft Build Engine Files *

Citrix Patches Vulnerability in Workspace Application for Windows *

New Cryptocurrency Phishing Scam Stealing Recovery Phrases via Twitter *

Colonial’s Pipeline Hack; $5 Million Ransom Paid *

QNAP warns of Zero-day Bug in Roon Servers *

Herff Jones Suffers Data Breach *

New Lorenz Ransomware Affecting Multiple Organizations Globally *

Brenntag Hack; $4.4 Million Ransom Paid *

DarkSide Ransomware Servers Seized Post-Colonial Pipeline Attack *

Lemon Duck Cryptominer Strikes Again *

Ireland’s Health Services Reports Ransomware Attack; $20 million Ransom Demanded *

Threat Actor Leaks Stolen Data Post D.C. Police Columbia Hack *

FBI and ACSC Warns of Avaddon Ransomware Attacks *

VideoLan Patches Auto-updater Bug in VLC Media Player *

Ransomware Attack on the City of Tulsa, USA *

All Wi-Fi Devices are Vulnerable to FragAttacks *

A New Qualcomm Vulnerability Impacting Android-based Mobile Devices *

Over 25% of Tor Exit Relays Spied on Users Dark Web Activities *

Google Patches 19 Bugs in Chrome 90.0.4430.212 *

Twitter's New Feature Tip Jar Exposing Sensitive Information *

Cuba Ransomware Partners With Hancitor for Spam-Fueled Attacks *

Law Firm Jones Day Hit by Data Breach *

Attackers are Exploiting Authoritative DNS Servers via TsuNAME DNS Bug *

NatWest Bank Scheduled Payments Bug May Cost Customers Money *

Russian Hackers Are Allegedly Exploiting 12 Vulnerabilities in the Wild *

New Stealthy Rootkit Targeting High-Profile Organizations *

Twilio & HashiCorp Reports Cyber Attacks Post Codecov Supply Chain Hack *

UNC2529 Threat Group Delivers Three New Malware Strains via Phishing Emails *

Six Unpatched Critical Flaws Detected in Remote Mouse Application *

Foxit Patches Remote Code Execution (RCE) Vulnerability in Foxit Reader *

Colonial Pipeline Suffers from Alleged Ransomware Attack *

Microsoft Edge Crashes while Playing YouTube *

Scammers Impersonate "SNL in Elon Musk" Show in a Cryptocurrency Scam *

VMware Patches Critical Flaw in vRealize Business for Cloud Virtual Appliance *

HP Enterprise Fixes Critical Bug In Edge Platform Tool *

New Windows Malware 'Pingback' Using ICMP for C2 Operations *

N3TW0RM Ransomware Targeting Israel-based Companies *

Alaska Court System Went Offline Amid Cyber Attack *

Critical 21Nails Exim bugs Affecting Vulnerable Linux Servers *

Network Solution and Register.com Reports DNS Outage *

Tesla Car Hacked Remotely using Drones *

Dell Fixes a 12-year-old Bug in DBUtil BIOS Driver *

Insight Global's Insider Threat Leaks COVID-19 Information *

Complexcodes is Selling Subscription based Commodity Malware "WeSteal" *

Chinese Attackers Hacked Russia's Largest Nuclear Submarine Designer *

A New Malspam Campaign Distributing Rust-based Buer Malware Variant *

Intel and AMD Chips are Vulnerable to Spectre Side-Channel Attacks *

Pulse Secure Addresses VPN Zero-Day Vulnerability *

LuckyMouse Targets Multiple Organizations via Sys-update Toolkit *

Critical IP Address Validation Vulnerability found in Python *

Mount Locker Ransomware Uses New Tricks to Evade Detection *

ISC Patches Several BIND Vulnerabilities in DNS Servers *

Researchers Expose a New Iranian State-Sponsored Ransomware Campaign *

SolarMarket RAT Uses Google SEO Tactics to Lure Victims *

First Horizon Bank Hacked; $1 Million Stolen *

2 iOS Zero-day Vulnerabilities fixed by Apple *

Chinese Hackers Attacking Military Organizations in South-East Asia *

Stealthy Backdoor Infecting Linux Systems *

FBI Shares 4 Million Emotet Botnet Stolen Email Addresses *

PHP Composer Bug Ends Up in a Widespread Supply-Chain Attacks *

Hotbit Cryptocurrency Exchange Down Post Cyberattack *

ParkMobile Stolen Customers Data Exposed Online *

Whistler Resort Municipality Suffers Ransomware Attack *

Microsoft Uncovered Critical Code Execution Bugs In IoT, OT Devices *

DigitalOcean Data Breach Exposes Customer Billing Information *

Brazil's Rio Grande Do Sul Court System Suffers Ransomware Attack *

Attackers are exploiting SonicWall Zero-day for Ransomware Attacks *

F5 Discloses KDC Spoofing Vulnerability in BIG-IP Consoles *

UnitingCare, Queensland Systems Taken Down *

UK Rail Network Merseyrail Hit by Lockbit Ransomware *

Google Patches Critical RCE Vulnerability in Chrome *

MangaDex Stolen Database Leaked Online *

NTLM Relay Attack Abuses Windows RPC Protocol Vulnerability *

Guilderland Central Schools Hit With Malware Attack *

Apple iCloud Mail Server Outage *

Fake Microsoft DirectX 12 Deploying Crypto-Stealing Malware *

D.C. Police Columbia Hacked; Ransom Demanded *

Oilfield Services Giant Gyrodata Discloses Data Breach *

Microsoft Teams Suffers Outage *

Attackers Spreading FluBot Malware via Android Devices *

Prometei Botnet Operators Exploiting Obscure Microsoft Exchange Servers *

New Cryptomining Malware Turning Vulnerable Windows, Linux Devices into Bots *

Hacker Leaks 20 million BigBasket's Data for Free *

Critical RCE Bug Reported in Homebrew Package Manager *

Hackers Exploiting PulseSecure to Deploy SUPERNOVA Malware *

Qlocker Malware Encrypting QNAP Devices Using 7zip *

Twitter Mistakenly Sends Spam Emails *

ToxicEye Trojan Abusing Telegram to Steal Data *

PasswordState is Latest Victim of Supply Chain Attack *

WhatsApp Pink Malware Auto Replies to Skype, Signal and other Messengers *

Exchange Online Down; Microsoft 365 Outage Affects Email Delivery *

Pareto Android Botnet Attacks Smart TV Ads *

1.3 Million Windows RDP Servers Login Credentials found in Hacker Forum *

Multiple Vulnerabilities in Google Chrome Patched *

Microsoft Partially Fixes Windows 7 and Server 2008 R2 Vulnerability *

Attackers Infecting Google Play Store via Fake Applications *

Eversource Energy Reported Data Breach *

Attackers Actively Exploiting 4 Pulse Secure Vulnerabilities *

Attackers Target Multiple Networks in a Supply Chain Attack Post Codecov's Data Breach *

Revil Gang Attempted to Extort Apple via Alleged Quanta Hack *

Zero-day Vulnerabilities Patched in SonicWall Email Security *

Remote Code Execution Vulnerabilities Discovered in Cosori Smart Air Fryer *

Malvertising Campaign "Tag Barnakle" Compromised 120 Ad Servers *

Attackers Hacking Android Devices Remotely via WhatsApp Flaws *

Lazarus APT Using BMP Images to Distribute Trojan *

Geico Suffers Data Breach; Policyholders' Driver's License Numbers Stolen *

Researchers Found Campaign Mimicking Microsoft Store, Spotify Sites, and Chess Application *

WordPress Patches XXE Flaw in PHP 8 *

Domino's India Database Hacked; 10 Lakh Credit Card Details Leaked *

Critical Remote Code Execution Vulnerability in Juniper Devices Discovered *

Attackers Exploiting Critical Flaw in Facebook's Live Videos Feature *

Multiple Vulnerabilities Reported in EtherNet/IP Stack for Industrial Systems *

Malware Spreading via Xcode Projects; Infecting Apple's M1-based Macs *

Attackers Stealing Credentials via Operation "Overtrap" *

Fortinet Discloses a New FormBook Variant *

Hackers Gained Access via Vulnerable VPN Device in Capcom Ransomware Attack *

Critical Zero-day Vulnerability Found in Desktop Window Manager (DWM) *

Swinburne University, Australia Suffers Data Breach *

Twitter Suffering Worldwide Outage *

Google Released Chrome 90 *

Cyberattack on The University of Hertfordshire, UK *

Tata Communications Data Breached via Route Mobile *

Over 100 Million Devices Vulnerable to DNS Vulnerabilities *

Attackers Tampering Popular App Stores to Distribute Malicious Apps *

Researchers Disclosing Second Chrome Zero-day Exploit *

SAP Fixes Critical Flaws in SAP Commerce, NetWeaver & Business Client *

Spying Android RAT "BRATA" Strikes Back *

New Phishing Campaign Delivering Fake Antivirus Billing Notices *

Malware hidden in Fake Browserify NPM package *

Adobe Fixes 10 Vulnerabilities in Multiple Products *

QBot Operators Using QBot & IcedID Malware as Final Payload *

Malicious Facebook Ads Dropping Malware on Systems *

Bakker Logistiek Suffers Ransomware Attack *

Microsoft Office 365 Phishing Campaign Evades Detection with Malicious Javascript Code *

10 Malicious Applications in App Gallery Infected with Joker Malware *

Microsoft Patch Tuesday Security Advisory - April 2021 *

New Malware "Saint Bot" Snatching User Passwords *

IcedID Malware Delivered via Contact Forms *

Swarmshop Hacked; Over 600,000 Stolen Records Exposed *

Pharmaceutical Giant "Pierre Fabre" Suffers REvil Ransomware Attack *

Multiple Gigaset Android Smartphones are Infected with Malware *

New Android Malware Auto-spreads to Devices using WhatsApp Auto-replies *

Lazarus Hacking Group Strikes Back with Vyveva Backdoor *

Rockwell Automation Addresses 9 Critical Vulnerabilities in FactoryTalk AssetCentre *

VISA Warns of Increasing Web Skimming Attacks *

LinkedIn Data Breach; 500 Million Users Data Posted On Dark Web *

Unpatched Fortinet VPN devices are exploited by Cring Ransomware *

Cisco Patches Cisco SD-WAN vManage Software Vulnerabilities *

Chinese Hackers Attacks Government & Military of Vietnam *

A New Spear-Phishing Campaign Deploying Malware Using Voice Changing Software *

Attackers Targeting Firms Using new Banking Trojan "Janeleiro" *

Hackers Deploying 'more_eggs' Malware via Fake LinkedIn Job Offers *

European Commission and EU Organizations Suffer Cyber Attack *

Booking.com Fined $560,000 by DPA *

VMware Fixes Critical RCE Flaw in Carbon Black Cloud Workload *

Data of Over 279 "Only Fans" Accounts Posted Online *

TU Dublin and National College of Ireland Suffers from Ransomware Attack *

Attackers Actively Exploiting Unpatched SAP Applications *

Hackers Exploiting Windows OS "BITS" Component *

$38M Worth of Gift Cards Sold by Cybercriminal on Russian Hacking Forum *

Outlook "Cannot send this item" Error Patched by Microsoft *

Clop Ransomware Gang Leaks Multiple Universities Sensitive Data Online *

Attackers are targeting Japan Industries with Multiple Backdoors *

Fake jQuery Plugin Deploying Malware on Systems *

Electronics Manufacturer "Asteelflash" Suffers REvil Ransomware Attack *

Brown University Suffers Cyberattack *

US DOJ Warns of Fake Covid-19 Vaccine Survey Phishing Campaign *

FBI and CISA Warns of Exploits Against Unpatched Fortinet FortiOS Servers *

Threat Actors Attempt to Extort Ubiquiti Post Data Breach *

Researchers Report Spike in Ransom DDoS Attacks *

Bogus Pen-Test Company "SecuriElite" Targeting Security Professionals *

Facebook Data Breach; 533 Million Users Data Exposed *

Citrix Addresses Multiple Vulnerabilities in Hypervisor *

SolarWinds Patches Four Vulnerabilities in Orion Platform *

Attackers Hacked PHP's Git Server to add Backdoors *

Malicious “System Update” Android Malware is Compromising Devices *

German Parliament Members Targeted by Spear-Phishing Attack *

BazarCall Malware Infecting Systems via Malicious Phone Calls *

New 5G Security Flaw allows Denial-of Service Attacks & Data Access *

Campaigns Spotted Targeting Gamers via Malware hidden in Game Cheats and Mods *

Fat Face Discloses Data Breach; Pays $2 Million Ransom *

VMware Fixes Two Critical Flaws in vRealize Operations Manager *

Harris Federation Hit by Ransomware Attack *

Slack Disables New Feature Amid Security Related Concerns *

npm Fixes a Critical Networking Vulnerability in "netmask" Library *

OpenSSL fixes Two High Severity Vulnerabilities *

Microsoft Patches Windows 10 Secure Boot Vulnerability *

Weintek Patches Remote Code Execution Flaws in its Product Range *

Evil Corporation Employs Hades Ransomware to Evade Detection *

Two Critical Vulnerabilities Patched in a WordPress Plugin *

FBI Warns of Mamba Ransomware *

Mobikwik Data Breach; Over 5 Million Users Data Exposed *

Threat Actors Exploiting Critical Flaws in GE's Universal Relay Products *

Apple Patches Webkit Browser Engine's Zero-day Vulnerability *

Backblaze Reports Data Breach; 9,245 Users' Metadata Exposed *

New Cloudflare's Page Shield Feature notifies Malicious JavaScript Dependencies *

Purple Fox Operators are Targeting Vulnerable Windows Systems *

Two Dozen Malicious Chrome Extensions are distributing Malware Globally *

Microsoft Patches Privilege Elevation Flaw in PSExec *

Multiple Security Vulnerabilities discovered in Cisco Jabber *

Adobe Fixes Critical Vulnerability in ColdFusion *

CISA and FBI warn about Phishing Attack spreading TrickBot Malware *

Colorado & Miami Universities Suffers Data Breach due to Vulnerable Accellion FTA Servers *

High Availability Server Manufacturer Stratus Suffers Ransomware Attack *

Shell Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers *

Attackers Exploiting Vulnerable Qualcomm Graphic Components on Android Devices *

CNA Insurance Firm Suffers Ransomware Attack; New Malware Family Used *

IoT maker "Sierra Wireless" Reports Ransomware Attack; Site Taken Offline *

Attackers are taking Control of Vulnerable Apache OFBiz ERP via RCE Vulnerability *

Phishing Campaigns Bypassing Secure Email Gateways *

Phishing Mails containing fake COVID-19 Relief Checks downloads Dridex Trojan *

Threat Actors Hacked Windows, iOS, Android Users via Zero-day Attacks *

Mirai Botnet Exploiting Critical Flaws in Network Security Devices *

MangaDex Taken Offline Post Cyberattack *

Black Kingdom Ransomware Exploits Zero-day Flaws in Microsoft Exchange Servers *

Road Ministry warns Multiple Indian Government Organizations post Cyber-Attack Threats *

Fake Telegram Desktop Application downloads AZORult Malware *

CISA releases CHIRP Tool for SolarWinds Malicious Activity Detection *

CopperStealer Malware is Hijacking Social Media Accounts *

DDoS-as-a-Service exploits Citrix Devices *

New Malware XcodeSpy Targets iOS & macOS Developers *

Acer Suffers Ransomware Attack; $50 million Ransom Demanded *

Zoom Screen-sharing Bug is exposing Sensitive Data to Unauthorized Users *

Post Microsoft Outage files are missing from SharePoint *

Phishing Campaign Targets US Taxpayers *

Pysa Ransomware is Targeting US & UK Educational Institutions *

Twitter Image can be abused to hide Malicious Files *

Hackers Exfiltrating Stolen Data via JPG Files *

Mimecast Says SolarWinds Hackers Accessed Some Source Code *

Ransomware Attack on Pune District Smart City Costs Project Operators 50 Million Dollars *

RTM & Quoter Ransomware are Targeting Russian Finance and Transport Organizations *

A Time Zone Bug Crashing iOS Clock Application *

Microsoft Releases Mitigation Tool for Exchange Servers Affected in ProxyLogon Hack *

WeLeakInfo Hacker Site Hacked *

Phishing Domains can now Detect Virtual Machines using JavaScript *

Blender Software Developer Reports Cyber Attack *

Researchers Discovered Nim based Malware Exploiting Devices *

Microsoft Suffers Outage; Multiple Services Affected *

Metamorfo Banking Trojan abuses AutoHotKey to steal User Information *

Threat Actors Exploiting Avira Antivirus to Deliver Banking Trojans via DLL Side Loading Attack *

New ZHtrap Botnet Malware is turning Infected Targets to Honeypots *

Three Privilege Escalation Vulnerabilities fixed in Linux Kernel *

Threat Actors Exploiting Linux based Systems with new RedXOR Malware *

A New Zero-day WordPress Vulnerability enables Site Takeover *

Google Patches Zero-day Vulnerability in Chrome *

Mozilla Addresses Linux Crashes, Apple Silicon Hangs in Firefox 86.0.1 *

Molson Coors Reports an Outage *

Windows 10 Emergency Updates fixes Printing Crashes *

Researchers Disclose New and Powerful Version of BADHATCH PoS Malware *

Spanish Government Labor Agency Suffers Ransomware Attack *

New DEARCRY Ransomware Exploiting Vulnerable Microsoft Exchange Servers *

OVH Data Center Reported Massive Outage *

Second Cyber Attack on Norway's Parliament *

Maryland Attorney Seizes 5th Domain Used in COVID-19 Vaccine Phishing Attacks *

Hackers Accessed Verkada's Live Surveillance Cameras *

iPhone Call Recorder App Exposes People's Conversations *

F5 BIG-IP issued patches for Critical Remote Code Execution Vulnerabilities *

Microsoft Discloses 3 New Malware Strains in SolarWinds Hack *

Microsoft Patch Tuesday Security Advisory - March 2021 *

GitHub Users were forcibly Signed out to patch a Security Bug *

9 Android Application on Google Play Store found to be distributing Malware Dropper *

Researchers Disclose Side-Channel Attacks on Vulnerable Intel CPUs *

Global Aviation Industry Tech Supplier "SITA" Suffers Massive Data Breach *

Apple Addresses Remote Code Execution Vulnerability in WebKit *

Adobe Patches Flaws in Creative Cloud, Connect & Frame-maker *

Researchers Disclose New Tor based Malware "gafgyt" *

New Sarbloh Ransomware Encrypting Victim Files through Political Agenda *

Flagster Bank Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers *

Google Chrome Blocks Port 554 as a Counter to NAT Slipstreaming Attacks *

European Banking Authorities Exchange Servers Hacked *

Microsoft Themed Phishing Attack Stealing User Credentials *

Over 15 Schools in UK Suffered Cyberattack *

Multiple Cisco Products Exposed to DoS Attack due to Snort Vulnerability *

Microsoft Releases a Tool for ProxyLogon Security Verification on Exchange Servers *

Microsoft Outlook Breached; Over 20,000 Organisations Affected Globally *

Supermicro, Pulse Secure Patches Vulnerabilities in BIOS & UEFI Products *

Attackers Hiding ObliqueRAT Trojan in Image Files via Steganography *

GRUB2 Patches Multiple High Severity Vulnerabilities in Boot Loader *

Over 6,700 VMware Servers Exposed post Exploit Code Release *

Hackers Deploying Malware on Compromised Websites via SEO Techniques *

Over 100 Italian Banks Targeted via Ursnif Trojan *

VMware Patches Remote Code Execution Vulnerability in View Planner *

Attackers Targeting Investors via BEC Campaigns *

CompuCom Suffers Malware Attack Leading to Service Outage *

Botnet Campaigns Abusing Bitcoin Blockchains & Deploying Skidmap Malware *

AOL Phishing Campaign Reported Stealing User Credentials *

Researchers Disocvered DoS Vulnerability in Eclipse Jetty *

Qualys Suffered Data Breach due to Zero-day Vulnerability in Accellion FTA Server *

PrismHR Suffers Massive Outage *

Malaysia Airlines Discloses a Data Breach *

Chinese Cybercriminals Exploiting 4 Zero-day Vulnerabilities in Microsoft Exchange *

Universal Health Services lost $67 Million by Ryuk Ransomware Attack *

Google Patches Zero-day Vulnerability in Chrome *

Dependency Confusion Vulnerability Exploited to steal Linux/Unix Password Files *

Ransomware Attack on Aviation Giant Bombardier *

Dutch e-Ticketing Platform Ticketcounter Suffers Data Breach *

Chinese Hackers Targeting Indian Power Grids & Seaports *

World's Leading Dairy Products Group Lactalis Hit by Cyber Attack *

Drive Corruption Vulnerability in Windows 10 *

LazyScripter Actors Target Airlines with Remote Access Trojans *

New Variant of Ryuk Ransomware Observed Self-propagating in Local Network *

Cisco Patches Critical Severity Authentication Bypass Vulnerability in Cisco ACI MSO *

Sequoia Capital Suffers Data Breach post a Failed BEC Attack *

FriarFox Browser Extension Targeting Tibetan Organizations *

Windows 10 BSOD Issues Resolved via Intel Wireless Driver Updates *

Online Dating Application Gaper Vulnerable to Multiple Critical Zero-day Flaws *

US Federal Reserve Suffers Massive Outage Nationwide *

Researchers Discloses Potential Code Injection Flaw in NodeJS Library "systeminformation" *

TD Bank Recovering from Systemwide Banking Outage *

XBOX Live Suffers Global Outage *

Accellion Vulnerability Exposes Pharmacy & Employee Data in Kroger Data Breach *

Keybase Patches a Bug that Exposes Deleted Sensitive Media to Attackers *

Threat Actors Deploying New Variants of MINEBRIDGE RAT via Word Documents *

Powerhouse Management Suffers from Large Scale DDoS Attacks *

WACUP Patches Several Bugs in Winamp Media Player *

Over 8 Million COVID-19 Test Results Leaked *

TietoEVRY IT Services Suffers Ransomware Attack *

Microsoft Begins Windows 10 21H1 Beta Testing *

VMware Patches Critical RCE Bug in vCenter *

Python Software Foundation Addresses Two Vulnerabilities *

US Shares Information on AppleJeus Malware *

LinkedIn Suffers Global Outage for Two Hours *

Fake Adobe Flashplayer Update Installs Adware Bundle *

Brave Browser's "Tor Mode" Leaks Onion Queries in DNS Traffic *

Certification Giant Underwriters Laboratories (UL) Suffers from Ransomware Attack *

Magecart Hackers Stealing Credit Card Information via Google Apps Script *

Attackers Targeting Apple's M1 Chip via Malicious Adware Extension *

Cuba Ransomware Triggers Data Breaches In US Cities & Agencies *

Dutch Research Council (NWO) Suffered Cyberattack *

RIPE NCC Suffers Credential Stuffing Attack *

OpenSSL Project Releases A New Patch For Three New Vulnerabilities *

VMware Patches Vulnerability in vSphere Replication Software *

Windows 10 Secure Boot Patch Exposes BitLocker Recovery Key *

Kia Motors USA Suffers Massive IT Outage *

EMSISOFT Exposes Internal Log Data Generated by their Test Products *

EXMO Cryptocurrency Exchange Suffers DDoS Attack *

Researchers Discloses Unpatched Vulnerabilities in SHAREit for Android OS *

Yandex Insider Threat Compromises 4887 Customer Accounts *

Telegram's "Super-Secret" Feature Exposes Self-Destructing Media Files to Attackers *

Siemens Patches Multiple Vulnerabilities in Virtualization Software *

PayPal Patches XSS Vulnerability in Currency Converter Feature *

Over 30 Mobile Health Apps Exposing Records of Millions of Users *

Fortinet Patches Multiple Vulnerabilities In SSL, VPN & Web Firewall Products *

Critical XSS Vulnerabilities Fixed In WordPress Plugin "NextGen Gallery" *

Windows Kernel Escalation of Privilege Zero Day Bug is Fixed in Microsoft Patch Tuesday *

CISA Warns of High-Severity Vulnerabilities in Fuji Electric Products *

Researchers Discloses Multiple Vulnerabilities in YouPHPTube and AVideo *

Dairy Farm Suffers REvil Ransomware Attack *

C-Level Executives Targeted via Phishing Attack *

Over 3 Million Cook County Court's Sensitive Data Records Exposed *

Mozilla Enhances Firefox Security Against Super Cookies & Disables Adobe Flash Support *

Microsoft Azure Function Vulnerable to Privileges Escalation & Docker Escape *

Apple Patched iOS, iPadOS & tvOS Multiple Vulnerabilities *

Law Enforcement Agencies around the Globe takes Down Emotet Ransomware Gang *

Oscorp - Credential Stealing Android Malware *

Lebanese Cedar APT Targeted Telecoms, Hosting, ISPs Worldwide *

North Korean Hackers Attacking Security Researchers *

Cisco Discloses Multiple Vulnerabilities in Small Business Routers *

Researchers Discloses Critical Vulnerabilities in F5 BIG-IP Products *

Well-known Religious Services "The Temple" Suffers a DoS Attack *

Linux Systems Under Attack via FreakOut Malware *

QNAP Warns Users of Dovecat Crypto Miner Malware *

Microsoft Discloses Methods used by SolarWinds Hacker Group to Avoid Detection *

1.9 Million Pixlr Users Stolen Data Available on Free Forums *

Adult Social Media Platform Fleek Leaking Users Explicit Data *

4.1 Million AnyVan Users Data Compromised via Data Breach *

VLC Media Player Patches Several Remote Code Execution Vulnerabilities *

Cisco Fixes PreAuth Remote Code Execution Vulnerabilities *

Crypto Exchange LiveCoin Shutting Down Post Cyber Attack *

Microsoft Enabling Full Automation Support for Microsoft Defender AV *

Cisco Fixes Windows DLL Injection Vulnerability in Cisco AnyConnect Secure Mobility Client *

Raindrop Malware Observed in SolarWinds Hack *

FireEye Releases Tool to Detect SolarWinds Hack Techniques *

SolarWinds Malware "Raindrop" Hiding in Modified 7Zip Source Code *

Oracle Releases Quarterly Critical Patches *

Multiple Twitter Accounts Hacked in "Elon Musk" Crypto Scam *

Malwarebytes Breached by SolarWinds Threat Actors *

Apple Removes Vulnerable MacOS Features in MacOS 11.2 Beta 2 *

Cybercriminals Blunder Exposes Stolen Credentials in Plain Sight *

Threat Actors Bypassing Two-Factor Authentication for Several Cloud Services Accounts *

Microsoft Patches Zero Day Vulnerability in Defender Antivirus *

Google Bans 164 Offending Android Applications from Play Store *

Mozilla Releases Security Updates for Thunderbird *

Scammers Blackmailing Coinmama Users via Porn Backlinks *

Windows 10 Bug Corrupts Hard Drive via Single Line Command *

NSA Urges Organizations Not to Use Third Party DNS Resolvers *

Bitdefender Releasing Free Decryptor for DarkSide Ransomware Victims *

Scottish Environment Protection Agency (SEPA) Suffering Conti Ransomware Attack *

Microsoft Announces Windows Zerologon Flaw ‘Enforcement Mode’ *

Threat Actors Compromising Mimecast's SSL Certificates *

Researchers Exposes United Nations Data Breach *

Linux Mint OS Patches ScreenSaver Bypass Vulnerability *

UK's Nohow International Cloud Data Breached *

Threat Actors Exploiting Windows "Finger Command" via Phishing Campaign *

Large Scale Data Breaches Targeting Russian Federation in Year 2020 *

Over 390,000 Users Data Compromised in Capcom Data Breach *

DoS Vulnerability in RockWell Automation RSLinx Classic Software *

Breached COVID-19 Vaccine Data Leaked Online via Hacker Forums *

Fake Trump Scandal Video Distributing QNode Malware *

SolarWinds Threat Actors Accessing Department of Justice's Email Servers *

FBI Warns Organizations on Egregor Ransomware *

Pysa Ransomware Hits Hackney Council & Leaked Data Up for Sale *

FIN7 Hacking Group Leveraging JSSLoader Malware *

Indian Government Websites Leaking COVID-19 Patient's Test Results *

Earth Wendigo Campaign Exfiltrating Emails via JavaScript Backdoor *

British Airways Plans £3bn Breach Settlement *

North Korean Hacking Group Supply Chain Attack Targeting Stock Investors *

Multiple Vulnerabilities in Fortinet FortiWeb WAF Leading to Arbitrary Code Execution *

Phone and Email Scammers Impersonating as ACSC *

Ransomware Attack Knocks Out Funke Media Group *

ElectroRAT Malware Drains Funds from 6,500 Digital Wallets *

Lake Regional Healthcare Suffers Ransomware Attack *

NameSouth's Data Breached by NetWalker Ransomware Group *

Sabre Corporation's 2017 Data Breach LawSuit Verdict *

Microsoft’s Windows Core Polaris Leaked Online *

10,000 American Express Credit Card Holder's Data Breached *

Vodafone's ho. Mobile Suffers Data Breach Impacting 2.5m User Records *

Hackers Launch Swatting Attacks by Exploiting Smart Home Devices *

SolarWinds Supply Chain Attack Led Hackers Access to Microsoft Source Code *

Secret Backdoor Account Detected in Several Zyxel Firewall & VPN Products *

CISA Releases Sparrow.ps1 Tool for Azure/M365 *

Japanese Aerospace Firm Kawasaki Warns of Data Breach *

Japanese Game Developer Koei Tecmo Suffers Data Breach *

FreePBX Developer Sangoma Technologies Hit by Conti Ransomware *

Authentication Bypass Vulnerability in SolarWinds Orion API *

Whirlpool Hit by Nefilim Ransomware Attack *

Adobe Flash Player Reaches End-Of-Life (EOL) *

Phishing Campaign Using Chase Banking Security Notice Emails *

Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability *

Smart Doorbell Devices Easily targeted by Hackers *

Cybercriminal's Bulletproof VPN Service Shuts Down *

Authentication Bypass Vulnerability in Bouncy Castle *

Chinese APT Group Operation StealthyTrident *

Critical Security Vulnerabilities Reported in Dell Wyse Thin Clients *

Ransomware Threat Actors Using 'SystemBC' Malware as Backdoor *

QNAP Fixes High Severity Vulnerabilities in NAS Devices *

CrowdStrike Launches Reporting Tool to Audit Azure AD Permissions *

Chinese Mobile Giant Xiaomi Recording Millions of Users Private Web & Phone Usage *

Al Jazeera Journalists Targeted via Pegasus Spyware *

VMware Vulnerability Exploited in SolarWinds Supply Chain Attack *

Credential Stealer Malware Targeting Financial Institutions *

Clop Ransomware Attack Detected on Symrise *

Microsoft Defender Blocking Known Malicious SolarWinds Binaries *

Mozilla Releases Security Fixes for Multiple Security Vulnerabilities *

Sextortion Campaign Targeting iOS, Android Users via Goontact Spyware *

New Windows Trojan Steals Browser Credentials, Outlook Files *

5G Network Architecture Multiple Vulnerabilities Discovered *

Contact Form 7 WordPress Plugin Emergency Patch Released *

MoleRats APT Variant Stealing Sensitive Data *

Unauthenticated Command Injection Flaw Exposes D-Link VPN Routers to Attacks *

Iranian Rana Android Malware Snooping on Instant Messenging Platforms *

Samsung Fixes Critical Android Bugs *

Adobe Releases Security Updates *

COVID-19 Vaccine Data Leaked *

Ransomware Attack on Netgain Technologies *

70 Lakh Indian Cardholders Data Leaked on Dark Web *

FireEye's Red Team Security Testing and Assessment Tools Stolen by State-Sponsored Hackers *

Microsoft Patch Tuesday Security Advisory - December 2020 *

Ransomware Attack on Television Production Company - Banijay Group SAS *

Maze Ransomware Attack on Canon *

DeathStalker APT Group Offers Hack For Hire Service *

Security Researchers Accidentally Discovers Windows Zero-Day *

Bandook Malware Targeting Multiple Sectors *

Windows 10 20H2 Update Fixes Broken In-Place Upgrade Feature *

Microsoft Office Products Non-Security Updates November 2020 *

Advanced Persistent Threat Attack Targeting U.S. Think Tank *

Huntsville City Schools District Shut Down by Ransomware Attack *

Ryuk Ransomware Attacks K12 Online School Platform *

Malicious npm Packages Installing Remote Access Trojans *

IoT Chip Maker Advantech Hit by Conti Ransomware *

Gootkit Malware Returns with REvil Ransomware *

New CursedGrabber Malware *

Delaware County Hit by DoppelPaymer Ransomware Attack *

Hackers Targeting COVID Vaccine Maker AstraZeneca *

Data Breach Attack on Peatix Events Management Organization Inbox *

LidarPhone Attack Converts Smart Vacuums into Microphones *

Mercy Iowa City Hospital Data Breach *

Over 300K Spotify Accounts Hacked *

Industrial Control System Vendors Warn of Critical Bugs *

Cisco Webex Ghost Flaw *

Chinese Sponsored Cyber Criminal Group Attacking Japan-Linked Organizations *

Cisco Webex Meetings API Cross-Site Scripting Vulnerability *

Mozilla Released Firefox 83 *

Unprotected Database Exposed a Scam Targeting 100K+ Facebook Accounts *

Mount Locker Ransomware Targeting TurboTax files *

Chinese APT Group FunnyDream *

Supply-Chain Attack Distributing Malware in South Korea *

APT 'Hackers For Hire' Target Financial, Entertainment Firms *

Multiple Vulnerabilities in Cisco Security Manager Software *

New Phishing Campaign Delivering Jupyter Malware *

Image Inversion Technique to Bypass Office 365 *

Critical Vulnerabilities Discovered in World's Largest Android TV Manufacturer *

E-Shops Running Vulnerable Version of Magento *

Source Code of Cobalt Strike Toolkit Shared Online *

Critical Remote Code Execution Vulnerability in Oracle WebLogic Server *

Animal Jam Kids Virtual Playground Suffered Data Breach *

Security Vulnerabilities in Unity Orchestrator SD-WAN *

High Severity Security Vulnerability in Cisco’s IOS XR Software *

Chrome Zero-day Vulnerabilities *

Australian Government Warns Healthcare Sector against Ransomware Attack *

Mozilla Releases Security Updates *

xHunt Hackers Attacking Exchange Servers *

Ransomware Attack on Blackbaud Cloud Software Provider *

Ransomware Hits E-Commerce Software Platform X-Cart *

Ubuntu GNOME Display Manager Vulnerability allows Root Access *

Ransomware Attack on Australian Media Monitoring Company *

Scammers Impersonating IRS for Payment Fraud *

Adobe Releases Security Updates *

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug *

Microsoft Teams ‘Fake Updates’ Malware Campaign *

Critical Security Updates for Multiple Intel Products *

Ghimob Banking Trojan *

Ransomware Attack on Italian Liquor Brand - Campari *

Microsoft Patch Tuesday - November 2020 *

Pay2Key Ransomware *

True Social Network App Exposed *

Critical Security Flaws in SaltStack IT Infra Management Solution *

Phishing Attacks on Russian Industrial Enterprises *

Cisco AnyConnect Arbitrary Code Execution Vulnerability *

Multiple Vulnerabilities in Google Android OS *

Multiple Vulnerabilities in Adobe *

Folksam Data Breach *

Bigbasket Suffers Data Breach - Data of 2 Crore Users Now On Sale In Dark Web *

Apple Fixes Three iOS Zero-Days *

Capcom Hit by Ragnar Locker Ransomware *

Dridex Botnet Stealing Banking Credentials *

VMware Multiple Security Updates *

Second Hand USB Drives Expose Sensitive Information of Previous Owners *

New Google Drive Phishing Campaign *

Cyberattack on Vermont Health Network *

Alibaba's Online Store RedMart Suffers Data Breach *

Bank Phone Numbers are being Spoofed to Rob Victims *

Windows Zero-Day Exploit Publicly Disclosed *

Nitro Software Massive Data Breach *

Cryptocurrency Service 'Harvest Finance' Hacked - $24 Million Stolen *

New Delivery Method of Emotet has been discovered *

Cyberattacks Hit Schools & Colleges *

Patients in Finland Blackmailed *

KashmirBlack Botnet *

Multiple Vulnerabilities in Fujitsu M12 Servers *

IT Service Provider Sopra Steria Hit by Ryuk Ransomware *

High Severity NVIDIA GeForce Experience Vulnerabilities Patched *

SQL Injection Vulnerability in Rapid7 Nexpose *

Information Disclosure Vulnerability in Linux Kernel *

Multiple Security Vulnerabilities Identified in WAGO’s Cloud Connectivity Controllers *

Browser Locker Scam Campaigns *

VMware Multiple Security Updates *

Zero-Click Vulnerabilities Identified in the Linux Bluetooth Software Stack *

Browser Address Bar Spoofing Vulnerabilities in Multiple Mobile Browsers *

Multiple Vulnerabilities in HP's Intelligent Management Center (IMC) Software *

High Severity Router Vulnerability in Cisco IOS XR Software *

Google Chrome Browser Multiple Security Updates *

GravityRAT *

Rise in QR Code Related Scams *

Latest Release of Chrome and Edge Generating Random Log Files *

Multiple Vulnerabilities in Magento CMS *

Multiple Vulnerabilities in SonicWALL Sonic OS *

Multiple Vulnerabilities in F2FS Toolset *

Juniper Networks Releases Security Updates *

Silent Librarian APT *

Clips from Exposed Home Security Cameras Posted Online *

Microsoft Disrupts TrickBot Malware Network *

Double Extortion Ransomware Attack on Software AG *

Denial-of-Service Vulnerabilities in Allen-Bradley Flex I/O System *

Adobe Flash Player Application Critical Patch Update *

Microsoft Patch Tuesday - October 2020 *

Microsoft Patches Critical Remote Code Execution Vulnerabilities *

Information Disclosure Vulnerability in Apache Tomcat *

Fitbit Spyware Watch Face *

MontysThree Malware Used In Targeted Industrial Espionage Attacks *

Critical Flaws Found In QNAP Helpdesk Leading To Device Takeover *

New Cryptojacking Variant : Black-T *

Vulnerability in Apple's T2 Mac Security Chips *

Google Releases Patches for 50 Android System's Vulnerabilities *

Trump's Health Email phishing Campaign Delivering BazarLoader Trojan *

Cisco Patches Multiple Vulnerabilities *

BAHAMUT : Hack For Hire Service *

Flaws In Top Antivirus Softwares Leading to Privilege Escalation *

Facebook Disables Chinese-Sponsored SilentFade Malware Campaign *

HEH Botnet *

APT Attack Injects Malware into Windows Error Reporting *

COVID-19 Clinical Trial Hit by Ransomware *

Multiple Vulnerabilities in Google Chrome Web Browser *

Iranian hackers are exploiting the Zerologon vulnerability *

Indian State Government Massive Data Breach *

MosaicRegressor Malware Framework UEFI Firmware Bootkit *

DDoS Attacks by Ransomware Attacker Groups *

XDSpy APT Group *

Backdoors in Microsoft 365 & Azure Active Directory using AADInternals PowerShell Module *

Raccine Ransomware Vaccine *

Microsoft Office 365 OAuth Access Token Phishing *

Egregor Ransomware *

InterPlanetary Storm Botnet Infects 13K Mac and Android Devices *

Multiple Security Vulnerabilities in Wireshark Packet Analyzer *

Palmerworm Espionage Campaign *

Swatch Shuts Down IT Systems to Stop Cyberattack *

Operation Sidecopy Launches Attack on Defense Forces in India *

Microsoft Removed 18 Azure AD Applications *

Microsoft Windows XP Source Code Leaked Online *

Multiple Vulnerabilities in Apple Products *

247K Microsoft Exchange Servers Vulnerable for RCE *

A Bug in Windows Server 2016 *

Magento Credit Card Stealing Malware *

Federal Agency Hit by Cyber Attack *

Chalubo DDoS Botnet Targeting Unsecured SSH Servers *

UHS hospitals Hit By Ransomware Attack *

Phishing Campaign stating End of Support for Windows 7 *

Microsoft Office 365 Outage Reported in USA & Australia *

Joker Trojan *

Taurus Malicious Ad Campaign *

Cisco Patches Multiple Security Bugs *

APT-C-43 Steals Military Secrets *

Microsoft Outlook Squatting Campaign *

MoDi RAT *

Heap Buffer Overflow Vulnerability in Instagram *

Mozilla Firefox 81 Released *

Automated MEOW Attack *

RansomExx Ransomware Attack on Tyler Technologies *

Phishing Campaign Targets AT&T Global Employees *

TinyCryptor Ransomware *

Multiple Security Vulnerabilities in Google Chrome Web Browser *

Mozilla Bug - Hijacking Firefox Android Browsers *

Maze Attackers adopt Ragnar Locker VM technique *

Chinese Hackers Targeting U.S. Agencies *

Multiple Vulnerabilities in Apple Safari *

ZShlayer Malware *

APT41 Chinese Hacking Group *

Phishing Scam using Security Awareness Training Emails *

MrbMiner Malware *

MFA Bypass Vulnerability in Microsoft 365 *

Prometei Multi-Modular Botnet *

Emotet Malware New Spamming Campaign *

Lemon Duck Cryptominer *

Qakbot malware *

Trojan Glupteba

Cyber Threat Post

Latest Threat

As per the sources, Buhti, a newly discovered ransomware operation, has emerged utilizing the leaked code from the LockBit and Babuk ransomware families to target Windows and Linux...

Published Date: 2023-05-27

Buhti Ransomware Gang Exploits Leaked Encryptors to Target Windows and Linux Systems

About Cyber Threat Post

Stay Updated! Stay Secured!

Cyber Threat Post has been launched with an objective to be a prominent source of key information being updated in real-time to protect business-critical assets against cyber attacks and unforeseen cyber risks.

Infoshare Varutra's Managed SOC team at Cyber Defence Center closely works with our Threat Intelligence experts in hunting for vulnerabilities worldwide and publishing security advisories along with easy to implement, real actionable recommendations to help business IT Teams.

Researchers Uncover Predator Android Spywar... Researchers Uncover Predator Android Spyware’s New Data Theft Capabilities Cisco Talos and the Citizen Lab have conducted a detailed technical analysis o... Published Date: 2023-05-27 View Post	Critical Vulnerability in Google Cloud'... Critical Vulnerability in Google Cloud's Cloud SQL Service Exposes Confidential Data Israeli cloud security firm Dig has recently disclosed a new security flaw in ... Published Date: 2023-05-27 View Post	D-Link Fixes Critical Vulnerabilities in it... D-Link Fixes Critical Vulnerabilities in its D-View 8.0 Network Device Management Platform D-Link, a Taiwanese networking solutions manufacturer, has patched two critica... Published Date: 2023-05-26 View Post
New Russian-linked Malware 'COSMICENERG... New Russian-linked Malware 'COSMICENERGY' Targets Industrial Systems Mandiant found a novel malware called 'COSMICENERGY' that is attribute... Published Date: 2023-05-26 View Post	Threat Actors Found Using Encrypted RPMSG M... Threat Actors Found Using Encrypted RPMSG Messages in Microsoft 365 Phishing Attacks According to reports, threat actors are leveraging hijacked Microsoft 365 acco... Published Date: 2023-05-26 View Post	Barracuda Networks Patches Zero-Day Vulnera... Barracuda Networks Patches Zero-Day Vulnerability in its Email Security Gateway Appliance Barracuda Networks, a provider of security app delivery and data protection so... Published Date: 2023-05-26 View Post

Subscribe To Cyber Threat Post

Be the first to receive the updates on the latest Cyber Threats and the recommendations from our industry leaders to secure your business from such attacks.

First Name *

Last Name *

Email *

Phone

Message *

This website uses COOKIES in order to offer you the most relevant information. Please accept cookies for optimal performance.

Cyber Threat Post

Buhti Ransomware Gang Exploits Leaked Encryptors to Target Windows and Linux Systems Buhti Ransomware Gang Exploits Leaked Encryptors to Target Windows and Linux Systems

About Cyber Threat Post

Researchers Uncover Predator Android Spywar...

Critical Vulnerability in Google Cloud'...

D-Link Fixes Critical Vulnerabilities in it...

New Russian-linked Malware 'COSMICENERG...

Threat Actors Found Using Encrypted RPMSG M...

Barracuda Networks Patches Zero-Day Vulnera...

Subscribe To Cyber Threat Post

Protect your Data and Brand Value from Data Breaches!

Infoshare-Varutra provide security services at an affordable price!

Reach Us: contact@infosharesystems.com