Malicious Websites Exploit SEO Poisoning to Spread Malware *

FTC Announces $5.6 Million Refunds to Ring Users Over Privacy and Security Issues *

North Korea-Linked Lazarus Group Unveils Complex Attack Chain Targeting Asia *

Security Research Reveals Vulnerabilities in Microsoft Warbird and Protected Media Path Technologies *

Phishing Campaign Exploiting Compromised Email Accounts Targets Autodesk Drive Users *

DOJ Announces Arrest of Samourai Wallet Founders for Money Laundering Conspiracy *

Critical Vulnerabilities in Brocade SANnav Management Application Expose Fibre Channel Infrastructure *

Hackers Exploit Cisco Zero-Days to Breach Government Networks *

Critical Security Vulnerabilities Expose Keystrokes of More Than 1 Billion Chinese Keyboard App Users *

Czech News Agency's Website Hacked, Spreads False Assassination Attempt Story *

Iran-Linked Hackers Execute Five-Year Cyber Espionage Campaign *

Multistage Attack Leveraging SSLoad and Cobalt Strike Detailed by Researchers *

Google Releases Update to Fix Critical Chrome Vulnerability *

Vulnerabilities in iSharing App Expose Millions to Location Tracking *

North Korean Hackers Target Dozens of South Korean Defense Companies *

Open-source Cloud Console Cartographer helps security teams transcribe log activity *

Russia-Linked Hacker Group Targets Indiana Water Treatment Plant *

Ransomware Report Highlights Shifts in RaaS Landscape and Increase in Victims *

Security Researchers Expose Windows Defender Vulnerability Enabling Database Deletion *

Phishing Campaign Exploiting Nespresso Website Vulnerability Evades Detection *

Kaspersky Uncovers Sophisticated Scam Targeting Telegram Users for Toncoin (TON) *

North Korean State-Sponsored Hackers Embrace AI in Cyber Operations *

GuptiMiner Malware Campaign Exploiting eScan Antivirus Update Mechanism *

JavaScript Malware Shifts to Server-Side Redirects & DNS TXT Records as Traffic Direction System (TDS) *

Critical Vulnerabilities Found in WordPress Plugin Forminator *

New PedoRansom Malware Targets Child Exploiters with Extortion Tactics *

Cyber Agency Warns of Increasing Targeting of Ukrainian Soldiers' Apps for Spying *

Androxgh0st Malware Exploits Servers Worldwide for Botnet Attacks *

Unveiling the Threat: Malicious PyPI Package "discordpy bypass 1.7" and Its Stealthy Tactics *

Uncovering a Dependency Confusion Vulnerability in an Archived Apache Project *

Surge in Quishing Attacks and Evolving Phishing Trends Highlight Latest Cybersecurity Threats *

MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Vulnerabilities *

CrushFTP Urges Immediate Patching for Actively Exploited Zero-Day Vulnerability *

Beware of Sophisticated Google Ad Phishing Scam Targeting Whales Market Users *

Cannes Hospital Forced to Cancel Medical Procedures Due to Cyberattack *

Rise of Cheap, Disposable Ransomware on Dark Web Forums *

U.S. Dam Cybersecurity Raises Alarming Concerns Amid Growing Threats *

Frontier Communications Addresses Cyberattack, Works on System Restoration *

160 Ransomware Attacks Strike Food and Agriculture Sector in 2023 *

Data Breach at Michigan Healthcare Organization Affects 180,000 Individuals *

Malicious Hackers Target SAP Applications, Exploiting Cloud Migration and Security Vulnerabilities *

US Justice Department Charges Moldovan National for Operating Large-Scale Botnet *

International Law Enforcement Disrupts 'LabHost' Phishing Service, Arrests 30+ Worldwide *

Unveiling MadMxShell: A Sophisticated Malware Campaign Targeting IT Professionals *

Persistent OfflRouter Malware Infects Ukrainian Government Networks *

American Automaker's IT Staff Targeted by FIN7 in Phishing Campaign *

Mass Brute-Force Attacks Targeting VPN and SSH Services *

Czech Minister Warns of Russian Attempts to Sabotage European Railways *

Atlassian Vulnerability Exploited: Linux Variant of Cerber Ransomware Deployed *

Debian Security Update: Patching Critical Vulnerabilities in GTKWave *

Surge in Cyber Attacks Targeting Philippines Amidst South China Sea Tensions *

BreachForums Faces Cyber Attack, Admins Stand Resolute *

Kaspersky Discovers SoumniBot, a Innovative Android Banking Malware Evades Detection *

Iranian-Backed Hacking Group Allegedly Threatens Israeli Citizens with Radar System Hijack *

Threat Actors Target T-Mobile and Verizon Employees in SIM Swap Scheme *

Critical Security Flaw in Chirp Systems' Software Enables Remote Unlocking of Smart Locks *

Ukrainian Hacker Group Deploys Destructive Malware Fuxnet in Attacks Against Russian Infrastructure *

Imperva's 2024 Bad Bot Report Highlights Rising Threat of Malicious Bots *

Critical PuTTY Vulnerability Exposes NIST P-521 Private Keys *

Ivanti Alerts Users to Critical Vulnerabilities in Avalanche MDM Solution *

Orca Research Reveals LeakyCLI Vulnerability in AWS and Google Cloud CLI Tools *

LockBit Ransomware Resurfaces with Enhanced Self-Propagation Capabilities *

Global Organizations Targeted by SteganoAmor Attacks Leveraging Steganography *

Pune Cyber Crime Police Investigate 3.4 Crore Share Trading Scam *

Critical Vulnerability in Delinea Secret Server Requires Immediate Action *

Data Breach at Cisco Duo's Telephony Supplier Exposes MFA Messages Sent Over SMS and VOIP *

AI Voice Cloning: The Growing Threat to Financial Security *

Muddled Libra's Strategic Shift: Exploiting SaaS and Cloud for Extortion and Data Theft *

Omni Hotels Targeted by Daixin Ransomware Gang in Cyberattack *

Chipmaker Nexperia Confirms Data Breach by Dark Angels Ransomware Group *

Royal Mail's Barcoded Stamps Fail to Prevent Flood of Forgeries in the UK *

DPRK Utilizes Phantom DLL Hijacking and TCC Abuse by Leveraging Two MITRE Sub-Techniques *

Evolution of Earth Hundun's Cyberespionage Activities Using Waterbear and Deuterbear Malware *

Intel and Lenovo Servers Exposed to 6-Year-Old BMC Vulnerability *

Iranian Threat Actor MuddyWater Expands Arsenal with DarkBeatC2 Infrastructure *

XZ Utils Backdoor Files Found in Popular Rust Crate liblzma-sys *

Hoya Corporation Hit by Ransomware, Attackers Demand $10 Million *

Apple's Updated Warning System by Addressing Mercenary Spyware Threats and Zero-Day Exploits *

Massive SMS Phishing Scam Targets Americans with Fake Road Toll Notices *

Telegram Windows Desktop App Patched to Address Zero-Day Exploiting Python Script Launch *

Palo Alto Networks Issues Advisory for CVE-2024-3400 Exploiting Firewall Vulnerability *

Unveiling AWS's Battle Against IP Spoofing and DDoS Assaults *

FAQs from the 2024 State of the Phish Report: Understanding the Threat Landscape *

Revisiting MACT: Exploring Malicious Applications within Trusted Cloud Environments *

Security Alert: TA547 Strikes German Entities Using Rhadamanthys Malware *

Space Force Chief: US Faces Loss Without Assistance from Musk and Bezos *

X Resolves URL Error Potentially Facilitating Convincing Social Media Phishing Scams *

CISA Issues Warning: Federal Email Systems Targeted by Russian Hackers Exploiting Microsoft Accounts *

Microsoft Two-Step Phishing Campaign Targets LinkedIn Users: A Professional Hook *

Exploitation of Oversized LNK Files by Vedalia APT Group in Malware Campaign *

Circumventing SharePoint Security: Two Novel Methods for Evading Exfiltration Detection *

Data of 7.5 Million Customers Leaked in Attack on Consumer Electronics Giant boAt *

Spectre V2 Exploit Targets Intel CPU-Based Linux Systems *

Over 91,000 Smart LG TVs Exposed to Remote Takeover Due to Vulnerabilities *

New Ahoi Attacks Pose Threat to Confidential Virtual Machines *

Researchers Uncover 'Muliaka' Ransomware Group Targeting Russian Enterprises *

KernelCare Live: CVE-2024-1086 Patches Released for CloudLinux 6h and 7 Users *

Microsoft Addresses Critical Vulnerability in Azure Kubernetes Service Confidential Containers *

Browser Fingerprinting: Cybercriminal Utilization *

Phishing Deception Unveiled: Suspended Domains Unleash Malicious Payload in Latin America *

Microsoft Patch Tuesday Security Advisory - April 2024 *

Rising Trend: Malware-Initiated Vulnerability Scanning *

Hackers Focus on Human Rights Activists in Morocco and Western Sahara *

10-Year-Old Romanian Hacker Collective 'RUBYCARP' Emerges with Botnet Operations *

Security Alert: Multiple Adobe Software Products Affected by Code Execution Vulnerabilities on Patch Tuesday *

Fake E-Shop Campaign Targets Banking Security Across Regions *

New Latrodectus Malware Emerges in Phishing Campaigns *

Targus Discloses Cyberattack, Temporarily Disrupting Operations *

Google Sues Chinese Developers Over Fake Cryptocurrency Apps Scam *

UK Authorities Investigate 'Honey Trap' Scheme Targeting Westminster Figures *

D-Link NAS Devices Vulnerable to Critical Command Injection and Backdoor Flaw *

Massive Data Breaches Hit Hawai Based Insurance Giant and Healthcare Providers *

Home Depot Data Breach Exposes Employees to Phishing Risks *

Red CryptoApp Ransomware Group Unveils 'Wall of Shame' for Exposed Victims *

Cisco Alerts Users to Vulnerability in End-of-Life Small Business Routers *

Facebook Malvertising Campaigns Exploit Interest in AI to Spread Password-Stealing Malware *

Byakugan Malware Exploits Adobe Acrobat Reader Installers *

Emerging Threats to AI-as-a-Service Security *

Vulnerability in HTTP2 Protocol's CONTINUATION Frame Enables DoS Attacks *

Cyberattack Causes Disruption to Hoya's Optics Production and Orders *

City of Hope Notifies Over 800,000 Individuals of Data Breach Impacting Personal and Health Information *

Progress Software Releases Critical Patches for Flowmon Vulnerability *

Magento Shoplift Malware Targets WordPress Sites *

Visa Alerts Financial Institutions of JsOutProx Malware Surge Targeting Customers *

Rising Threat of SMS Phishing (Smishing) Targeting Enterprises *

SurveyLama Data Breach Exposes 4.4 Million Users' Personal Information *

Google Issues Patches for Actively Exploited Pixel Vulnerabilities *

Prudential Financial's Data Breach Affects 36,000 Individuals *

Ransomware Group INC Ransom Claims Responsibility for UK City Council Cyber Attack *

Security Alert: Highly Sensitive Files Disappear from Europol Headquarters *

Critical Linux Vulnerability 'WallEscape' Exposes User Passwords *

Agent Tesla Malware Targets American and Australian Organizations in Recent Campaign *

Ivanti Issues Emergency Patches for 4 Vulnerabilities in Connect Secure and Policy Secure *

Threat Actors Use YouTube Video Game Cracks to Deliver Malware *

Critical Vulnerability Detected in LayerSlider Plugin Installed on a Million WordPress Sites *

Google Settles 'Incognito Mode' Privacy Lawsuit, Agrees to Delete Billions of Browsing Records *

Surge in Cyberattacks Inflicting Physical Disruption *

Binarly Introduces Free Scanner to Detect Linux Executables Affected by XZ Utils Supply Chain Attack *

WordPress WP-Members Plugin Vulnerability Enables Script Injection *

NIST Faces Challenges with National Vulnerability Database, Urgent Calls for Action *

Google Introduces Device Bound Session Credentials (DBSC) for Enhanced Browser Security in Chrome *

Ransomware Suspected in Missouri County's Tax Payment Disruption *

Vulnerability in Hotel Self Check-In Kiosks Exposes Room Access Codes *

China-Linked Hackers Unleash Stealthy 'UNAPIMON' Malware for Covert Operations *

Malicious Android Apps Transforming Phones into Proxies for Cybercriminals Discovered *

PandaBuy Data Breach Exposes Information of 1.3 Million Users *

The Absence of Human Imperfections: AI's Identifying Flaw *

OWASP Foundation Discloses Data Breach Affecting Specific Members due to Misconfigured Legacy Wiki Server *

Indian Government Rescues 250 Citizens Compelled into Cybercrime Activities in Cambodia *

Pentagon Outlines Strategy for Enhancing Cybersecurity of Defense Industrial Base *

Sellafield Nuclear Waste Facility Faces Prosecution Over Cybersecurity Lapses *

MarineMax, a Yacht Retailer, Reveals Data Breach Following Cyberattack *

Vultur Banking Malware Masquerades as McAfee Security App on Android *

Prisma Finance Crypto Theft Concludes Unusual Week of Platform Breaches *

Activision Urges 2FA Activation for Accounts Compromised by Recent Malware Theft *

Google Podcasts Service to Close in the US Next Week *

More Than 100 Malicious Packages Aiming at Popular ML PyPi Libraries *

AT&T Reports Exposure of 73 Million Customers' Data on Dark Web *

Malicious Backdoor Discovered in xz: A Critical Data Compression Library for Linux *

Malicious Ads Distribute Stealer Malware, Targeting macOS Users *

Data Breach at Massachusetts Health Insurer Affects 2.8 Million Individuals *

Cisco Alerts Regarding Password-Spraying Attacks on Secure Firewall Devices in the US *

Darcula, The Global Threat of Phishing-as-a-Service Exploiting Victims Worldwide *

Emergence of Linux Variant of DinodasRAT in Global Cyber Campaigns *

Google Releases Chrome Browser Security Update to Patch Vulnerabilities *

NHS Scotland Contained Ransomware Attack, Ensuring Regional Isolation *

Vietnam's Leading Securities Brokerage Hit by Cyberattack, Halting Trading Operations *

Ransomware Strikes Municipalities in Texas and Georgia, Disrupting Essential Services *

Cyberattack Strikes Hot Topic with Credential Stuffing, Data Compromised *

Cryptocurrency Scammers Hijack Trezor's Twitter Account Using Fake Calendly Invite *

TheMoon Malware Rapidly Infects 6,000 ASUS Routers in 72 Hours for Proxy Service *

Code Execution Vulnerabilities Discovered in NVIDIA ChatRTX for Windows *

Chinese APT Groups Targeting ASEAN Entities Uncovered *

Guardio Labs Discovers Vulnerability in Microsoft Edge *

Hackers Target India's Defense and Energy Sectors with Malware Disguised as Air Force Invitations *

Dubious NuGet Package Raises Concerns of Chinese Industrial Espionage *

Chinese Cybersecurity Firm Linked to Communist Party Government Targets Australia *

Portugal Mandates Halt to Biometric Data Collection by Sam Altman's Worldcoin *

State Department Issues Alert on Fraudulent Scheme Targeting Payroll Systems *

UK Street Newspaper, Big Issue, Targeted by Ransomware Gang *

Japan Conducts First Cyber Defense Exercises with Pacific Island Nations *

Finland Confirms APT31 Hackers Responsible for 2021 Parliament Breach *

AMD Zen CPUs Vulnerable to New ZenHammer Memory Attack *

Giant Tiger Reports Customer Data Breach Linked to Third-Party Vendor *

Free VPN Apps on Google Play Convert Android Devices into Proxies *

Sophisticated Attack Campaign Targets GitHub with Malicious Packages Impacting Top.gg and Others *

New Zealand Reveals State-Sponsored Cyberattacks from China *

Critical 17,000 Vulnerabilities Found in German Microsoft Exchange Servers *

Raspberry Pi Transformed into Cybercriminals' Plug-and-Play Fraud Tools *

Lumen Technologies Uncovers 40,000-Strong Botnet Utilizing End-of-Life Devices *

Panera Bread Hit by Nationwide IT Outage Since Saturday *

Mitigating Shadow AI Risks in Organizational Settings *

Petersen Health Care Declares Bankruptcy Following Cyberattack and Loan Defaults *

Hacking Group R00Tk1t Targets Indian Political Party, Raises Concerns Ahead of Elections *

UK's Communications Workers Union Faces Cyberattack *

Google's AI-Driven Search Feature Accused of Promoting Scam Sites *

StrelaStealer Malware Targets Organizations in US and EU Through Large-Scale Phishing Campaigns *

Russian State-Backed Hackers Target Ukrainian Internet Providers in Sophisticated Cyberattacks *

SCAA Faces Cyberattack: Data of 70,000 Members Possibly Compromised *

Mozilla patches Firefox zero-days worth $100,000 after a two-day hackathon *

German Authorities Dismantle Major Online Marketplace for Drugs and Cybercrime *

Illinois County Government and Local College Hit by Ransomware Attacks *

FlowFixation Vulnerability in AWS Managed Workflows for Apache Airflow *

GoFetch Side-Channel Attack Targets Apple M1, M2, and M3 Processors *

Ivanti Fixes Critical Vulnerabilities in Standalone Sentry, Neurons for ITSM *

Tax Phishing Attack Targets Small Business Owners for Social Security Numbers *

Security Researchers Uncover Critical Flaw in Hotel Door Systems *

Foxit Reader Vulnerability Exploit Sparks Urgent Patch Release *

GitHub Unveils AI-Powered Tool for Automatic Code Vulnerability Fixes *

Pwn2Own Vancouver: Successful Hacks on Windows 11, Tesla, and Ubuntu Linux *

Microsoft Releases Patch for Xbox Vulnerability After Initial Dismissal *

Chinese Hacker Exploiting Vulnerabilities Targets Global Institutions *

Malware-as-a-Service Campaign Targets Android Users in India *

Hackers Target Belgian Grand Prix Fans with Phishing Scam *

Critical Vulnerabilities Found in Argo GitOps Tool for Kubernetes *

Atlassian Fixes Critical Vulnerability in Bamboo Data Center and Server *

Windows Server Updates Trigger LSASS Memory Leak, Prompting Crashes *

Critical Vulnerabilities Addressed in Chrome 123 and Firefox 124 Updates *

US Department of Defense Celebrates Milestone in Ethical Hacking Program *

Exploitation of TeamCity Vulnerability Linked to Jasmin Ransomware and Other Malware *

New Loop DoS Attack Threatens Hundreds of Thousands of UDP-Based Hosts *

TMChecker: New Dark Web Toolset Targets Remote Access Services and E-Commerce Platforms *

Impact of Cyberattack on UnitedHealth Group's Change Healthcare Unit Sparks Legal Action *

Phishing Campaign Unveils Ingenious Microsoft Office Tactic to Distribute NetSupport RAT *

APIs Drive the Majority of Internet Traffic and Cybercriminals Exploit Them *

Pensacola City Government Phone Lines Disabled by Cyberattack *

Security Researchers Uncover Massive Data Leak from Misconfigured Google Firebase Instances *

AcidPour, A New Data-Wiping Malware Targeting Linux IoT Devices *

Expansion of International Spyware Agreement Includes Six New Countries *

Nations Direct Mortgage Data Breach Exposes 83,000 Individuals' Information *

Phishing Evolution: Hackers Target Popular Document Publishing Sites *

Relentless Cyber Activity Targeting Global Critical Infrastructure *

MediaWorks Investigates Alleged Data Breach Impacting 2.4 Million Individuals *

Machine Learning Model Repositories Vulnerable to Supply Chain Attacks *

Apex Legends Esports Tournament Temporarily Halted Due to Cheating Incident *

Key MITRE ATT&CK Techniques Exploited by Cyber Attackers *

Fujitsu Discovers Malware Breach, Customer Data Compromised *

Unveiling an Evasive Azorult Campaign Leveraging HTML Smuggling via Google Sites *

Fortra Fixes Critical Remote Code Execution (RCE) Vulnerability in FileCatalyst Transfer Tool *

Unveiling the Earth Krahang APT Campaign: Targeting Government Entities Worldwide *

Gitgub Malware Campaign Targets GitHub Users with RisePro Info-Stealer *

Ransomware Threat Targets South African Pension Data *

Unveiling a Novel Acoustic Side-Channel Attack on Keyboards *

GhostRace: New Data Leakage Attack Exploits Speculative Execution *

AT&T Denies Origin of Leaked Data Impacting 70 Million Individuals *

ShadowSyndicate Hackers Exploits CVE-2024-23334 in Aiohttp Python Library *

Scranton School District Faces Ransomware Attack, Disrupting Operations *

Encina Wastewater Authority Targeted by BlackByte Ransomware Group *

WordPress Sites Vulnerable to Takeover Due to Discontinued Security Plugins *

McDonald’s Experiences Global IT Failure Impacting Stores *

Cisco Fixes High-Severity IOS XR Vulnerabilities *

Oversubscribed and Outdated Supercomputers Cause Delays in NASA Missions *

Threat Actors Exploit Document Publishing Sites for Persistent Credential and Session Token Theft *

Irish Government Website Bug Exposing COVID-19 Vaccination Records Takes 2 Years to Publicly Disclose *

StopCrypt Ransomware: Evading Detection as the Most Widely Distributed Threat *

Real-Time URL Protection Integrated into Chrome's Standard Safe Browsing *

Researchers Outline Vulnerability in Kubernetes Allowing Takeover of Windows Nodes *

Alabama is Experiencing a DDoS Cyberattack with Alleged Support from Russian Hacktivists *

Phone Number Hijacking: SIM Swappers Targeting eSIMs *

Google's Gemini AI Vulnerable to LLM Threats, Researchers Warn *

Billion-Dollar Boat Seller MarineMax Discloses Cyberattack to SEC *

Vcurms Malware Sets Sights on Popular Web Browsers for Data Theft *

Cloud-Based Assault Targets Meson Crypto CDN Prior to Launch *

Chipmaker Patch Tuesday: Intel and AMD Tackle Fresh Microarchitectural Vulnerabilities *

Data Breach Exposes Over 2.3 Million Records from Family Entertainment Business *

Securing Third-Party App Usage in Mid-Market Companies Scaling from 500 to 5000 Employees *

Server Leak Exposes Wealth of Customer Data from Leading EV Charging Firm *

Exposed: Vulnerabilities in ChatGPT Plugins Compromise Data and Accounts *

Roku Refunds 15,000 Breached Accounts for Unauthorized Subscriptions *

Okta Denies Involvement in Data Leak on Hacking Forum *

Data of 27,000 Individuals Compromised in September Ransomware Attack on Stanford *

Microsoft Patch Tuesday Security Advisory - March 2024 *

Adobe Patches Critical Vulnerabilities in its Enterprise Products *

Siemens Ruggedcom Devices Vulnerable to Nozomi Component Flaws in ICS Patch Tuesday *

SAP Addresses Critical Command Injection Vulnerabilities with Patches *

Acer Confirms Leak of Philippine Employee Data on Hacking Forum *

EquiLend Alerts Employees of Data Theft by Ransomware Group *

Belgian Village Hit by Cyberattack on Brewery Now Faces Second Incident Targeting Coffee Roastery *

Personal Information Leaked in Jersey Data Breach *

The Global Rise of Sophisticated Vishing Campaigns *

Microsoft SCCM Misconfigurations Unveiled by Researchers as Cyberattack Vectors *

QNAP NAS Devices Vulnerable Due to Critical Security Flaw *

French Government Facing Unusually Intense Cyberattacks *

Leicester City Council Grapples with Extended IT Outage After Cyber Attack *

Russian Gov Hackers Steal Microsoft Source Code via Email Surveillance *

Paysign Investigates Potential Data Breach Amid Reports of Stolen Consumer Information *

Australian graphics company Canva says font security remains a significant issue *

Exploitation of WordPress Plugin Vulnerability Leads to Malware Infection on 3,300 Sites *

QEMU Exploitation: A Novel Tunneling Technique Threatens Company Networks *

In-Memory Web Shell Exploits Target Atlassian Confluence Vulnerability *

CISA Alerts of Exploited Pixel Phone Vulnerability *

Unpatched Sceiner Smart Lock Flaws Enable Unauthorized Door Access *

Evolution of Threats: Transition from Web3 Drainer to Distributed WordPress Brute Force Attack *

NTLM Authentication Vulnerability Exploited by TA577 Cyber Threat Actor *

Chinese Government Hacking Group Targets Tibetans in Cyber Espionage Campaign *

Swiss Government Documents and Credentials Leaked in Ransomware Attack *

Technology Disruption Under Investigation at South St. Paul Public Schools *

Snake Python-Based Information Stealer Targets Facebook Users in Cyberattacks *

Cisco Addresses High-Severity Vulnerabilities in Secure Client VPN Application *

Georgia Tech Redefines Industrial Cybersecurity Threats with Web-Based PLC Malware *

PetSmart Issues Password Resets Amid Credential Stuffing Attack *

Japanese Ministry Attributes Line Data Breach to Shared Technology with Naver *

Google's March 2024 Android Security Update Addresses Critical Vulnerabilities *

Beware of Fake Online Meeting Platforms Spreading Malicious RATs *

HHS Support Measures for Healthcare Providers Amid Change Healthcare Ransomware Attack *

Malicious Campaign Exploits Misconfigured Cloud Servers in Linux *

Organizations are deliberately launching applications with known vulnerabilities *

Canadian Financial Intelligence Agency Shuts Down Systems Amid Cyberattack *

North Korean Threat Actors Exploit ConnectWise Vulnerabilities to Deploy TODDLERSHARK Malware *

Cybercriminals Unleash Upgraded GhostLocker 2.0 Ransomware in Global Attack Campaign *

North Korean Hackers Breach South Korean Semiconductor Companies *

Apple Issues Urgent Software Update to Address Critical Security Flaws in iOS Platform *

Meta-Owned Facebook and Instagram Experience Global Outage, Prompting Swift Response *

Cybercriminals Utilize New DNS Hijacking for Investment Scams *

WogRAT Malware Exploits Online Notepad Platform in Stealthy Attacks *

FortiGuard Labs Discovers CHAVECLOAK Trojan Targeting Brazilian Banking Users *

Data Breach at Mr. Green Gaming Exposes Personal Information of 27,000 Users *

VMware Issues Urgent Patches for Critical ESXi Sandbox Escape Vulnerabilities *

Cybercriminals Embrace AI: Shaping a New Era of Malware Development *

Emerging Threat: Morris II Worm Exploits Generative AI for Malicious Propagation *

Expansion of Predator Spyware: New Network Infrastructure in Botswana and the Philippines *

RA World Ransomware: A Multistage Threat Employing Anti-AV Tactics and GPO Exploitation *

Critical Vulnerabilities in JetBrains TeamCity On-Premises Potentially Allowing Server Takeovers *

Sophisticated Phishing Attacks Target FCC Employees and Cryptocurrency Platforms *

American Express Notifies Customers of Third-Party Service Provider Data Breach *

Critical Vulnerabilities Patched in Hikvision's HikCentral Professional Security Management System *

Exploitation of Major Brand Subdomains in Large-Scale Spam Campaign *

Major Security Flaws Found in Doorbell Cameras Sold Online, Including Amazon *

FBI and CISA Release Indicators of Compromise for Phobos Ransomware *

Unit 42 Discovers New Linux Variant of Bifrost RAT with Innovative Evasion Tactics *

U.S. Court Mandates NSO Group's Disclosure of Pegasus Spyware Code to WhatsApp *

Golden Corral Data Breach Exposes Personal Information of 183,000 Individuals *

CISA Alerts to Exploitation of Windows Streaming Service Vulnerability *

Taiwan's Chunghwa Telecom Hit by Data Breach: 'Sensitive' Information Stolen by Hackers *

Meta Fixes Facebook Account Takeover Vulnerability *

North Korean Hackers Exploit Windows Zero-Day in Rootkit Attack *

SPIKEDWINE Exploits European Diplomats Through WINELOADER Attack *

BEAST AI: Disrupting Large Language Models in Just One Minute of GPU Time *

Enterprises Struggle with Mobile Fraud Amid Surge in AI-Powered Attacks *

Internet and Telecom Services Disrupted in Chad Amid Deadly Political Clashes *

New Linux Malware GTPDOOR Exploits GPRS Tunnelling Protocol for Telecom Network Attacks *

Cisco Fixes High-Severity Vulnerabilities in Data Center OS *

Irish Foreign Affairs Ministry Finds 'No Evidence' of Cyber Breach After Extortion Claim *

Pharmaceutical Distributor Cencora Discloses Data Exfiltration in Cybersecurity Incident *

Savvy Seahorse Unveils Innovative DNS CNAME Technique *

Travel Industry Faces Threat of Agent Tesla Malware Attacks Targeting Online Travelers *

New Malware Campaign "TimbreStealer" Targeting Mexican Users Discovered by Cisco Talos *

Bazaarvoice Targeted in Cyberattack by Mogilevich Ransomware Group *

Malicious JavaScript in Tornado Cash DAO Compromises Transaction Privacy *

medQ Acknowledges Data Breach Due to Software Encryption Incident *

Anycubic 3D Printers Hacked, Users Warned of Vulnerability *

Pepco Group's Hungarian Business Targeted in Phishing Attack, Suffers €15 Million Losses *

Newly Discovered Xeno RAT Trojan Poses Significant Threat on GitHub *

Web Check: Free Open-Source Intelligence Tool for Website Analysis *

LoanDepot Confirms Data Breach: Almost 17 Million Customers Affected by Ransomware Attack *

Hackers Exploit 14-Year-Old CMS Editor on Government and Education Sites for SEO Poisoning *

Critical SQL Injection Vulnerability in WordPress Plugin Puts Over 200K Websites at Risk *

Hugging Face Vulnerability Opens Door to Supply Chain Attacks on AI Models *

New IDAT Loader Version Utilizes Steganography to Distribute Remcos RAT *

Russian Cyberspies Exploit Dormant Accounts to Target Cloud Infrastructure *

North Korean Hackers Distribute Malicious npm Packages Targeting Developers *

Hackers Swipe Nearly $10 Million from Axie Infinity Co-Founder's Personal Accounts *

Critical Security Vulnerability Discovered in Popular 'Ultimate Member' WordPress Plugin *

Malawi Immigration Department Suspends Passport Services Due to Cyberattack *

ThyssenKrupp Automotive Body Solutions Business Unit Falls Victim to Cyber Attack *

Zyxel Addresses Remote Code Execution Vulnerability in Firewall Products with Patches *

Hackers Expose 2.5M Private Plane Owners' Data in LA International Airport Breach *

Major Brands' Subdomains Hijacked in Massive Spam Campaign *

Biden's Executive Order Aims to Strengthen Cybersecurity Measures at Ports *

Finance Department Expresses Regret Over Second Unintentional Data Leak in Four Months *

High-severity Vulnerability in Apple Shortcuts App Exposes Sensitive Data *

RCMP Probes Cybersecurity Incident During Ongoing Website Disruption *

Quik Pawn Shop Targeted in Alleged Cyberattack by Akira Ransomware Group *

UnitedHealth Confirms Optum Cyberattack, Leading to US Healthcare Billing Outage *

Rising Threat: Web3 Malware Exploits Cryptocurrency Assets *

SSH-Snake: Emerging Self-Modifying Worm Poses Threat to Networks *

FTC Alleges Avast Sold Customer Browsing Data to Advertisers Without Consent *

Singapore Sees Surge in Scams and Cybercrime Despite Anti-Scam Measures *

Authentication Bypass Vulnerabilities Discovered in Wi-Fi Software for Android, Linux, and ChromeOS *

Arizona Firm's Data Breach Affects 2.4 Million Patients *

Ubuntu Addresses Multiple FreeImage Vulnerabilities *

Tangerine Telecom Breach Impacts 232,000 Customers *

Signal Beta Introduces Custom Usernames for Enhanced Privacy *

Researchers Warn of Surging Banking Malware Campaign Exploiting Google Cloud Run *

Researchers Unveil 'VoltSchemer' Attacks Exploiting Wireless Charger Vulnerabilities *

Ransomware Attack Hits DC-Area School System, Affecting Data of 100,000 Individuals *

Malicious PyPI Packages Exploit DLL Side-Loading for Supply Chain Attacks *

Internal Documents from Chinese Hacking Contractor iSoon Exposed in Leak *

DDoS Attack Disrupts Top UK Universities' Services *

PSI Software, a Critical Infrastructure Vendor, Targeted by Ransomware Attack *

VietCredCare, A New Malware Threat Targeting Facebook Advertisers in Vietnam *

Chrome 122 and Firefox 123 Address High-Severity Vulnerabilities with Security Patches *

Global Law Enforcement Targets LockBit Ransomware Syndicate *

Linux Malware Campaign 'Migo' Targets Redis for Cryptomining *

Hacker group Cactus Ransomware Confirms Schneider Electric Hack *

North Korea Expands Revenue with Malware-Infused Gambling Websites as-a-Service *

Malware Attacks Increases as MacOS Adoption Rises: New Threats Target Apple Users *

M.O.R.E' Ransomware Surfaces on Dark Web, Posing Threat to Users Across Windows, Mac, and Linux Platforms *

Wyze Camera Breach Exposed 13,000 Strangers to View Inside Homes *

Critical Vulnerabilities Identified in ConnectWise ScreenConnect *

KeyTrap Vulnerability: Disrupting Internet Access with a Single DNS Packet *

Researchers Warn Smart Lawn Mowers could be a Target for Cyberattacks *

Revealing the Enigmatic 'MMS Fingerprint' Hack by NSO Group in Mobile and Wireless Networks *

Security Breach at Jaypee University in India: Allegations of Compromised Institute and Disclosure of Sensitive Data *

Anatsa Android Malware Infects Over 150,000 Devices Through Google Play Downloads *

Escalating DDoS Attacks Pose Threat to Media Freedom in Europe *

New Espionage Campaign Targets European and Iranian Embassies by Russia-Aligned Hackers *

New MonikerLink Flaw Puts Outlook Users at Risk of Data Theft and Malware Exposure *

Hackers Allegedly Breach Staffing Giant Robert Half, Offer Sensitive Data for Sale *

Critical Security Flaw in GL-AX1800 Router Allows Remote Code Execution by Attackers *

Hacker Caught Selling Bank Accounts of US and Canadian Users *

Cybersecurity Crisis Unfolds in India's Financial Sector as Motilal Oswal Breached *

Mastermind Behind FBI's Most-Wanted Zeus and IcedID Malware Cases Admits Guilt *

Eight Critical Vulnerabilities Revealed in the AI Development Supply Chain *

Cryptocurrency Firms Targeted by RustDoor macOS Backdoor Disguised as Job Offers *

Exploiting AWS for Mass Smishing: Unveiling the Malicious 'SNS Sender' Script *

U.S. Authorities Disrupt Russia-Linked Botnet Involved in Cyber Espionage Activities *

Unauthorized Access to U.S. State Government Network Exploiting Former Employee's Account *

ALPHV Ransomware Announces Successful Attacks on loanDepot and Prudential Financial *

CISA Urges Immediate Patching of Cisco ASA Flaw Exploited in Ransomware Attacks *

Critical RCE Vulnerabilities Patched by SolarWinds in Access Rights Manager *

CUSG CMS Vulnerabilities Exposed Credit Unions to Attacks *

TicTacToe Dropper Unleashes Data Theft and Multi-Threat Spread on Windows Systems *

New 'Gold Pickaxe' Malware on Android and iOS: Targeting Users through Facial Data Theft for Fraudulent Activities *

U.S. Internet Exposes Extended History of Internal and Customer Emails *

Chinese Hackers Utilize Deepfakes in Mobile Banking Malware *

RansomHouse Gang Launches MrAgent Tool for Automated VMware ESXi Attacks *

Uncovering Three Key Application Security Flaws Beyond Automated Scanner Detection *

South Korea Accuses North Korean Hackers of Breaching Presidential Office Email Account *

JabberZeus Leader Pleads Guilty to Zeus and IcedID Malware Operations *

Russian Threat Actor Turla Targets Polish NGOs with Newly Deployed TinyTurla-NG Backdoor *

ESET Fixes High-Severity Privilege Escalation Vulnerability *

Microsoft Acknowledges Exploitation of Critical Zero Day Vulnerability in Exchange Server *

Qakbot Malware Signals Potential Resurgence Post Law Enforcement Takedown *

Atlassian Vulnerability Identified as Cause of GAO Breach *

Microsoft and OpenAI Issue Alert Regarding Nation-State Hackers Utilizing AI for Cyber Attacks *

DNSSEC Vulnerability Single Malicious Packet Can Disable DNS Servers *

The Ubuntu Command not found Tool may cause Users to Install Rogue Packages *

Trans Northern Pipelines Investigates Cyber Breach by ALPHV or BlackCat Ransomware Gang *

Varta AG Halts Production Following Cyberattack on IT Systems *

Researchers Reveal KeyTrap DNS Vulnerability with Potential to Disable Large Parts of Internet *

Zoom Fixes Critical Vulnerability in Windows Applications *

Resurgence of Bumblebee Malware Attacks Following 4-Month Hiatus *

Data Breach at Integris Health Affects 2.4 Million Patients *

Cybercriminals Enhance Glupteba Botnet's Evasion Methods with Undocumented UEFI Bootkit *

Microsoft Patch Tuesday Security Advisory - February 2024 *

PikaBot Emerges with Enhanced Code Efficiency and Sneaky Strategies *

Jet Engine Dealer Reports Unauthorized Activity Amid Cybersecurity Incident *

Prudential Financial Reports Network Breach, Employee Data Compromised *

CISA Adds Roundcube Email Software Flaw to Known Exploited Vulnerabilities Catalog *

Microsoft Addresses Zero-Day Exploited in DarkMe RAT Distribution Campaign *

Cyber Fraud Epidemic: Telangana Loses 150 Crore in Just Over a Month *

Cybercriminals Exploit Three Familiar Vulnerabilities in Microsoft Word and Excel *

Ransomware Attack Shuts Down 21 Romanian Hospitals *

FCC Implements Stricter Data Breach Reporting Rules for Telecoms *

Bank of America Alerts Customers About Data Breach Following Vendor Cyberattack *

Microsoft Introduces Sudo for Windows 11 to Streamline Command Execution *

Senior Executives Targeted in Ongoing Azure Cloud Account Takeover Campaign *

Free Decryption Tool Released After Rhysida Ransomware Successfully Cracked *

Security Flaw in Smart Helmets Puts Millions in Danger of Hacking and Surveillance *

Largest Casino's Mobile App Exposes Customer Personal Information *

U.S. Justice Department Dismantles Warzone RAT Infrastructure and Apprehends Key Operators *

UK Shifts from Physical Biometric Immigration Cards to E-Visas *

Microsoft Outlook Clients Encounter Exchange ActiveSync Syncing Issues *

Canada Moves to Ban Flipper Zero and Similar Devices Amid Car Theft Concerns *

ExpressVPN Bug Exposes DNS Requests Over Years, Compromising User Privacy *

New Variant of MoqHao Android Malware Operates Without User Interaction *

Zardoor Backdoor Stealthily Targets Saudi Islamic Charity Organization *

New Ivanti Authentication Bypass Flaw Impacts Connect Secure and ZTA *

Raspberry Robin Exploits New One-Day Vulnerabilities, Enhancing Stealth and Persistence *

Advanced macOS Malware Disguised as Visual Studio Update *

Hyundai Motor Europe Hit by Black Basta Ransomware Attack *

Ransomware Attack Paralyzes Municipality of Korneuburg, Austria *

Microsoft Reveals New Windows 11 Feature: 'Sudo for Windows' *

LastPass Users at Risk from Counterfeit App on Apple App Store *

Escalating Iranian Offensive Cyber Operations Amid Israel-Hamas Conflict *

Analysis of HijackLoader Malware's Enhanced Defense Evasion Techniques *

APTs Exploit FortiOS Vulnerabilities in Critical Infrastructure Attacks *

Vulnerabilities in Cisco's Enterprise Communication Devices are Patched *

Google's Pilot Program Targets Financial Fraud by Blocking Risky Android APKs *

No Evidence of 3 Million Electric Toothbrushes Used in DDoS Attack *

Shim Vulnerability Poses Critical Risk to Majority of Linux Systems, Allowing Complete Compromise *

Security Flaw Exposes User Data in Spoutible, Prompting Concerns and Remedial Actions *

Danish Data Protection Authority Issues Injunction on Student Data Transfer to Google *

66,000 Individuals Impacted by SIM-Swapping Attacks Targeting US Insurance Giants *

Researchers Expose DiceLoader Malware Targeting Corporate Businesses *

U.S. Agencies Issue Warning on Chinese Cyber-Espionage Group's Threat to Critical Infrastructure *

Canon Mitigates 7 Critical Flaws in Small Office Printers with Urgent Patches *

Fortinet Addresses Critical Flaws in FortiSIEM with Immediate Patches *

False Facebook Job Ads Spreading 'Ov3r_Stealer' to Take Crypto and Credentials *

JetBrains Alerts of Fresh Authentication Bypass Vulnerability in TeamCity *

Verizon Insider Data Breach Impacts Over 63,000 Employees *

New Vulnerabilities Uncovered in Azure HDInsight Spark, Kafka, and Hadoop Services *

Android Addresses Critical Remote Code Execution Vulnerability with Patch *

Pennsylvania Courts Website Targeted in Denial-of-Service (DoS) Attack Disruption *

French Healthcare Firm Viamedis Faces Cyberattack, Potentially Impacting Millions *

AI SPERA Introduces Criminal IP ASM on Microsoft Azure Marketplace *

Dutch Ministry of Defence Targeted in Chinese State-Sponsored Cyberattack *

Cybercriminals Exploit Job Boards, Pilfering Millions of Resumes and Personal Data *

ApateWeb: Cybercriminals Exploit Over 130,000 Domains for Large-Scale Cyber Attacks *

Employee Falls Victim to $25.6M Deepfake Scam Involving AI-Generated CFO *

Microsoft Investigating Outlook Security Alerts Issue with .ICS Calendar Files *

Mitsubishi Electric Discloses Critical Vulnerabilities in Factory Automation Products *

Ivanti SSRF Zero-Day Actively Exploited at Scale, Warns Security Researchers *

Institute of Statistics in Albania Targeted by Iranian-Linked Hackers *

US Implements Visa Ban for Individuals Tied to Commercial Spyware Misuse *

NSO Group's Pegasus Spyware Targets Jordanian Activists and Journalists *

VajraSpy Malware Infecting Android Devices by using Patchwork's Romance Scam *

"Commando Cat", a new Cryptojacking Campaign Strikes Exposed Docker APIs *

QNAP Addresses High-Severity Vulnerabilities in QTS and Qsync Central with Patches *

A Cybercrime Operation Carried out by Interpol, Synergy, Takes Down 1,300 Servers *

Lurie Children's Hospital Halts IT Systems in Response to Cybersecurity Event *

APT28: Russian Hackers Utilize NTLM Relay Attacks to Target High-Value Organizations *

Leaky Vessels Flaws Allow Unauthorized Escape from Docker and runc Containers *

DirtyMoe Malware Strikes Over 2,000 Computers in Ukraine, Engaging in DDoS Attacks and Cryptojacking *

Latest Mispadu Banking Trojan Exploits Windows SmartScreen Vulnerability *

South African Railways Suffers Over $1 Million Loss Due to Phishing Scheme *

Critical Mastodon Flaw Enables Hijacking of Any Decentralized Account by Hackers *

Clorox Reveals $49 Million in Costs Resulting from Cyberattack *

AnyDesk Confirms Breach of Production Servers, Urges Users to Update Software and Change Passwords *

CISA Alert: Critical Security Vulnerabilities in Moby and OCI Components *

Unauthorized Access to Cloudflare via Compromised Okta Auth Tokens *

Romanian Parliament Faces Cybersecurity Breach, Exposing Officials' Confidential Information *

PurpleFox Malware Spreads Across Thousands of Computers in Ukraine *

CISA Urges Enhanced Security for SOHO Routers against Volt Typhoon Threats *

FTC Mandates Enhanced Security Measures for Blackbaud Following Major Data Breach *

FritzFrog's Return: Unleashing Log4Shell and PwnKit Exploits to Propagate Malware in Network Infrastructures *

Global Affairs Hit by Cyberattack, Initiates Shutdown of Computer Systems for Remediation *

HeadCrab 2.0 Embraces Fileless Strategy, Focuses on Exploiting Redis Servers for Cryptocurrency Mining *

CISA Issues Alert on Active Exploitation of Critical Flaws in Apple iOS and macOS *

Android Local Elevation Flaw Exploit Unleashed, Affecting 7 OEMs *

Fintech Giant Direct Trading Technologies Faces Data Leak Impacting Over 300K Traders *

Cybercriminals Leveraging Ivanti VPN Vulnerabilities to Distribute KrustyLoader Malware *

UNC4990 Strikes Italian Businesses with Weaponized USBs, Unleashing Cryptojacking Malware *

Telegram's Role in Cybercrime: Easy-to-Use Kits and Malware Fueling a Surge in Phishing Attacks *

Johnson Controls Reports $27 Million Cost and Data Breach from Ransomware Attack *

Ivanti Issues Alert on Actively Exploited Zero-Day in Connect Secure Product *

Mercedes-Benz Source Code Exposed Due to Mishandled GitHub Token *

Critical Workspace Creation Flaw in GitLab Requires Immediate Upgrade to Mitigate File Overwrite Risk *

Web-Based Ransomware Decryption Tool Facilitates Recovery of Partially Encrypted Files *

The Mother of All Breaches: Massive Release of 26 Billion Records Exposes LinkedIn, Twitter, and Major Organizations *

Threat Actors Sell 1.8TB Database of Personal Information for 750 Million Indian Mobile Users *

Ukrainian Prisoners of War Oversight Agency Faces Cybersecurity Breach *

Newly Discovered glibc Vulnerability Enables Attackers to Attain Root Access on Major Linux Distributions *

DarkGate Malware Spread Through Microsoft Teams Phishing in Group Chats *

Italian Data Protection Authority Accuses ChatGPT of Privacy Violations Under GDPR *

ZLoader Malware Resurfaces with 64-bit Windows Compatibility in Latest Variant *

Juniper Networks Issues Critical Junos OS Updates to Address High-Severity Vulnerabilities *

Rising Threat: Albabat, Kasseika, Kuiper - Emergence of New Ransomware Gangs Leveraging Rust and Golang *

Outlook Vulnerability Reveals NTLM Passwords, Researchers Warn *

Schneider Electric Faces Cactus Ransomware Attack with Threats of Data Leak *

FBI Warns of Tech Support Scams Employing Couriers for Money Collection *

Keenan & Associates Alerts 1.5 Million Individuals to Data Breach Following Summer Cyberattack *

Outlook Apps Encounter Connectivity Issues with Outlook.com, Microsoft Investigating *

45,000 Jenkins Servers Vulnerable to RCE Attacks Through Public Exploits *

Microsoft Teams Faces Second Outage in Three Days, Disrupting Services in North and South America *

Critical Jenkins Vulnerability (CVE-2024-23897) Poses RCE Threat *

Malicious PyPI Packages Deliver WhiteSnake InfoStealer Malware to Windows Systems *

Vulnerabilities in Westermo Lynx Switches Pose Risks for Industrial Organizations *

Ukraine's Major Energy, Postal, and Transportation Entities Targeted in Cyberattacks *

Pegasus Spyware Targets Mobile Devices of Journalists in Togo *

AllaKore RAT Malware Targets Mexican Companies Using Financial Fraud Techniques *

Healthcare Provider Alerts 4 Million Patients Regarding Data Breach at Perry Johnson & Associates (PJ&A) *

Ransomware Strikes Kansas City Public Transportation Authority *

Microsoft Issues Alert on Expanding APT29 Espionage Campaign Targeting Global Organizations *

Malicious Google Ads Target Chinese Users in Ongoing Malvertising Campaign *

Critical Cisco Flaw Enables Remote Takeover of Unified Communications Systems *

23andMe Confirms Data Breach: Attackers Exfiltrate Raw Genotype Data and Health Reports *

Blackwood Hackers Exploit WPS Office Update Mechanism for Malware Installation *

LODEINFO Fileless Malware Advances with Enhanced Anti-Analysis and Remote Code Techniques *

Mozilla Addresses 15 Vulnerabilities, Including Five High-Severity, in Firefox and Thunderbird Updates *

EquiLend Faces Disruptions Following Cyberattack, Initiates Investigation and Restoration Efforts *

BuyGoods.com Exposes 198GB of Internal and User Personally Identifiable Information (PII) and Know Your Customer (KYC) Data *

Critical Google Kubernetes Misconfiguration Allows Any Gmail Account to Control Clusters *

AI Expected to Escalate Ransomware Threat in the UK Over Next Two Years, Warns NCSC *

Pwn2Own Automotive 2024: Tesla Breached with Demonstration of 24 Zero-Day Exploits *

Russian Hackers Infiltrate Email Accounts of HPE Security Team *

Credential Stuffing Attack Affects Potential 340,000 Jason’s Deli Customers *

Lamassu Bitcoin ATMs Exposed to Exploits, Allowing Potential Wallet Draining *

Kasseika Ransomware Exploits Antivirus Driver to Disable Competing Security Software *

DDoS attacks are moving from megabits to terabits, according to Gcore Radar *

Malicious NPM Packages Compromise Developer SSH Keys, Exfiltrate Data via GitHub *

Fortra GoAnywhere MFT Authentication Bypass Vulnerability Exploited with Release of Exploit Code *

Ransomware Attack Strikes Veolia North America's Water Services Operations *

Active Exploitation: Critical Confluence Remote Code Execution Vulnerability Targeted in 40,000 Attacks Within 3 Days *

AerCap, Global Aviation Leasing Leader, Falls Victim to Ransomware Attack *

Apple Releases iOS 17.3, Issues Warning on WebKit Zero-Day Exploits *

Stealthy Malicious Web Redirect Scripts Concealed Within Compromised Websites *

Apple Swiftly Addresses 2024's First Zero-Day Exploit with Critical Security Updates *

North Korean Hackers Exploit Fake Research to Deploy RokRAT Backdoor *

Splunk Enterprise Addresses High-Severity Vulnerability in Latest Patches *

Apache ActiveMQ Vulnerability Exploited in Recent Wave of Godzilla Web Shell Attacks *

Java and Android Vulnerability: MavenGate Attack Poses Security Threat, Allowing Hackers to Hijack Systems via Abandoned Libraries *

MacOS Backdoor: The Lucrative Threat of Cracked Software Stealing Cryptowallets Surpasses Gold *

SEC Affirms X Account Compromised in SIM-Swapping Incident *

VMware Addresses Critical Code Execution Vulnerability in vCenter Server with Security Updates *

VF Corporation, Owner of Vans and The North Face, Discloses Ransomware Breach Impacting 35 Million Individuals *

NS-STEALER Exfiltrates Secrets from Popular Web Browsers by Using Discord Bots *

Critical Vulnerabilities Discovered in Leading Open Source AI/ML Platforms *

Brave Browser Discontinues 'Strict' Fingerprinting Protection Due to Website Compatibility Issues *

Ransomware Attack by Tietoevry Results in Disruptions for Swedish Companies and Municipalities *

Ransomware Attacks Utilize TeamViewer for Network Breaches *

Developer Charged with Hacking Following Disclosure of Cybersecurity Concerns *

Cyberattack Disrupts IT Network and Services at Kansas State University *

Docker Hosts Compromised in Ongoing Scheme for Website Traffic Theft *

Unpatched Vulnerabilities in Rapid SCADA Pose Risks to Industrial Systems *

Vulnerability in TensorFlow CI and CD Exposes Supply Chain to Poisoning Attacks *

Google Detects Deployment of Spica Backdoor Malware by Russian FSB Hackers *

Inferno Drainer's Scam-as-a-Service Drains 87 Million Dollars from 137000 Victims *

PixieFail UEFI Vulnerabilities Pose Risks of Remote Code Execution, Denial of Service, and Data Theft for Millions of Computers *

GitHub Rotates Keys to Mitigate Credential-Exposing Vulnerability *

VMware Issues Urgent Patch for Critical Aria Automation Flaw *

LeftoverLocals Attacks Expose AI Data Leak in GPUs from AMD, Apple, and Qualcomm *

A Botnet Bigpanzi has Infected 170,000 Android TV Boxes with Malware *

Microsoft Warns of Iranian Hackers Using Fresh MediaPl Malware to Target Researchers *

Exposes Pegasus Spyware on iPhone with a New iShutdown Method *

PAX PoS Terminal Vulnerability Enables Transaction Tampering by Attackers *

Have I Been Pwned adds 71 Million Emails from NazAPI Stolen Account Dataset *

Oracle Addresses 200 Vulnerabilities in January 2024 Critical Patch Update *

Atlassian Alerts Critical Remote Code Execution Vulnerability in Confluence Versions *

Google Addresses First Actively Exploited Chrome Zero-Day of 2024 *

FBI and CISA Issue Alert as Androxgh0st Malware Botnet Targets AWS and Microsoft Credentials *

New Attack Wave Spreads Remcos RAT Through Adult Games *

Ransomware Attack Hits Majorca's Calvia City, Extortionists Demand $11 Million *

Critical Zero-Day Vulnerabilities in Citrix Netscaler Exploited *

MyFlaw Security Flaw in Opera Browser Exposes Mac and Windows Users to File Execution Attacks *

Balada Injector Exploits Plugin Vulnerability, Compromising 7,100 WordPress Sites *

Windows SmartScreen Vulnerability Exploited to Deliver Phemedrone Malware *

High-Severity Vulnerabilities Detected in Bosch Thermostats and Smart Nutrunners *

Over 178,000 SonicWall Firewalls Exposed to DoS and Potential RCE Vulnerabilities *

Microsoft Working on Fix for Windows 10 0x80070643 Errors in KB5034441 Update Installation *

Lush, UK Cosmetics Retailer, Confirms Cyberattack *

Ivanti Connect Secure Exploited with Zero-Days to Deploy Custom Malware *

GitLab Issues Warning on Critical Zero-Click Account Hijacking Vulnerability *

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit *

Critical Remote Code Execution Vulnerability Discovered in Juniper SRX Firewalls and EX Switches *

CISA Warns of Actively Exploited Critical Microsoft SharePoint Vulnerability *

Atomic Stealer Upgrade Targets Mac Users with Encrypted Payload *

Microsoft Releases Script for Updating Windows 10 WinRE with BitLocker Fixes *

Python-Powered FBot Hacking Toolkit Targets Cloud and SaaS Platforms *

Major T-Mobile Outage Disrupts Account Access and Mobile App Functionality *

Risk Emerges for ERP Systems as New Proof-of-Concept Exploit Targets Apache OFBiz Vulnerability *

Critical Vulnerabilities Expose 150k WordPress Sites to Takeover Risk Through POST SMTP Mailer Plugin *

Framework Computer Reveals Data Breach Following Phishing Attack on Accountant *

Data Breach at Fidelity National Financial Exposes Personal Information of 1.3 Million Individuals *

Pro-Ukraine Hackers Retaliate, Breach Russian ISP in Response to Kyivstar Attack *

Free Decryptors Unveiled for Victims of Black Basta and Babuk's Tortilla Ransomware *

Hathway Faces Data Breach as Hacker Leaks KYC Data of 4 Million Users *

Cisco Addresses Critical Unity Connection Bug Allowing Attackers to Obtain Root Privileges *

The Newest Mirai-Based Botnet Exploiting SSH Servers for Cryptocurrency Mining *

Saudi Ministry Exposes Sensitive Data, Posing Substantial Cybersecurity Threat *

Significant Data Breach Raises Alarm Over Potential Exposure for Entire Brazilian Population *

Water Curupira Hackers Unleash PikaBot Loader Malware in Ongoing Cyber Threat Campaign *

Turkish Hackers Targeting Weakly Secured MSSQL Servers for Global Ransomware Attacks *

CISA Adds Six Actively Exploited Vulnerabilities to KEV Catalog Affecting Apple, Adobe, Apache, D-Link, and Joomla Products *

Security Flaws Discovered in QNAP and Kyocera Device Manager *

Windows 10 KB5034122 Update Addresses Shutdown Bug *

Microsoft Patch Tuesday Security Advisory - January 2024 *

Fake Hack-Back Offers Target Ransomware Victims, Warns Cybersecurity Firm *

CISA Issues Warning on Exploitation of Apache Superset Vulnerability *

Beirut International Airport experienced a cyber attack *

NoName Group's DDoS Assault Targets Ukrainian Government Websites *

Maldives Government Websites Recover After Cyberattack Amid Diplomatic Strains *

North Korea's DPRK Hackers Pilfered $600 Million in 2023 Cryptocurrency Heist *

NIST Highlights Security and Privacy Risks Amid Swift Deployment of AI Systems *

Cross Switch Faces Data Breach and 3.6 Million Records Potentially Compromised *

Hackers Exploit Netgear and Hyundai X Accounts for Crypto Draining Scams *

Toronto Zoo Confirms Ransomware Attack Had Zero Impact on Animal Wellbeing *

Syrian Cyber Group Unleashes Destructive SilverRAT Threat *

Sea Turtle Cyber Espionage Campaign Strikes Dutch IT and Telecom Sectors *

Cyberattack on loanDepot Mortgage Firm Disrupts IT Systems and Payment Portal *

Cyberattack Strikes Municipal Systems in West Virginia City *

Ivanti Warns of Critical EPM Vulnerability Allowing Device Hijacking *

Cyber Partisans Hacktivist Group Targets and Shuts Down Belarusian News Agency BelTA *

Pays Fouesnantais and France's Township Faces Municipal Service Disruption after Cyberattack *

New macOS Backdoor Threat SpectralBlur Linked to North Korean Hackers *

New Variant of Bandook RAT Targets Windows Machines *

Hackers Exploit Vulnerabilities in Apache RocketMQ Servers for RCE Attacks *

Data Breach at Now-Defunct Ambulance Service Affects Nearly 1 Million Individuals *

In an assault on KyivStar, Russian hackers erased thousands of Systems *

UAC-0050 Adopts Novel Phishing Strategies for Dispensing Remcos RAT *

Mandiant’s Twitter Account Recovered Following Six-Hour Crypto Scam Breach *

Malware Exploiting Google MultiLogin Vulnerability to Persist After Password Reset *

Linux Targeted by 3 Malicious PyPI Packages Deploying Crypto Miners *

SMTP Smuggling Flaw Enables Attackers to Bypass Security and Spoof *

CISA Alert: Actively Exploited Vulnerabilities Found in Chrome and Excel Parsing Library *

Australian Court Service Faces Breach, Hearing Recordings Potentially Compromised *

Xerox's U.S. Subsidiary XBS Falls Victim to Breach as Ransomware Gang Leaks Data *

Orbit Chain's $86 Million Loss in Year-End 2023 Fintech Hack *

Android Game Developer's Google Drive Misconfiguration Exposes Cloud Security Risks *

Windows 10 and 11 Face New DLL Search Order Hijacking Variant, Evading Protections *

Kimsuky Hackers Utilize AppleSeed, Meterpreter, and TinyNuke in Recent Attacks *

New Malware 'JinxLoader' Delivering Formbook and XLoader Threats *

EasyPark Reveals Data Breach Affecting Potentially Millions of Users *

Anna Jaques Hospital's Computer System Compromised in Cyberattack *

Albanian Parliament and Telecom Company Targeted in Cyberattacks *

Lockbit Ransomware Causes Emergency Care Disruption in German Hospitals *

Russian Military Hackers Unleash New MASEPIE Malware in Targeted Campaign Against Ukraine *

Ransomware Attack Strikes Trinidad and Tobago's Social Security Agency *

Microsoft Takes Action to Safeguard Against Malicious Exploitation, Disabling MSIX Protocol Handler *

Chinese Hackers Exploit Fresh Zero-Day in Barracuda's ESG Appliances *

Critical Zero-Day Vulnerability in Apache OfBiz ERP System Poses Business Threat *

Corewell Health Faces Another Data Breach, Affects Over 1 Million Patients *

DragonForce Ransomware Claims Cyberattack on Ohio Lottery *

LoanCare Notifies 1.3 Million Individuals Regarding Data Breach *

Microsoft Word docs used to impersonate the Nepali government in a Nim-based campaign *

Cyber-Phishing Attacks with Cryptocurrency Drainers are on the Rise *

A New Ransomware Variant of Carbanak Banking Malware has been Discovered *

Android or Xamalicious Stealth Backdoor Actively Infecting Devices *

Reports of a Data Breach have been Investigated by Video Game Giant UBISOFT *

LONEPAGE Malware Targets Ukrainian Companies with UAC-0099 Exploit Based on WinRAR *

ESET Resolves High-Severity Flaw in Multiple Product's Secure Traffic Scanning *

The Iranian Hackers have Developed a New Backdoor for Hacking Windows *

Cloud Atlas' Targeted Spear-Phishing Strikes: Russian Agro and Research Firms Under Attack *

New Instagram Phishing Campaign Targets 2FA Backup Codes *

Indian government Entities Targeted by Rust-based Malware *

WordPress Plugin Breach: E-Commerce Sites Vulnerable to Credit Card Theft *

Europol Alerts to 443 Online Stores Infected with Credit Card Theft Scripts *

Ubisoft Initiates Investigation into Recent Reports of Security Breach *

Akira Ransomware Group Takes Credit for Cyberattack on Nissan Australia *

Mint Mobile Reveals Fresh Data Breach, Unveiling Customer Information Exposure *

Chrome Extensions Forcing 1.5 million Fake VPNs to be Installed *

Chameleon Android Malware Disables Fingerprint Unlock to Pilfer PINs *

OpenAI Addresses ChatGPT Data Leak with Imperfect Fix Rollout *

Cyberattack Forces First American to Shut Down IT Systems *

A New FalseFont Malware Title Targets Defense Firms, According to Microsoft *

Healthcare Software Provider's Data Breach Affects 2.7 Million Patients *

Google Addresses the Eigth Actively Exploited Zero-Day Vulnerability in Chrome *

Critical Pre-Auth Stack Buffer Overflows Affect Ivanti Avalanche *

F5 BIG-IP Zero-Day Alert Emails Spreading Data-Wiping Malware *

HCL Technologies Faces Ransomware Attack: Ongoing Investigation Underway *

FBI Disrupts BlackCat Ransomware Operation and Develops Decryption Tool *

FBI Reveals ALPHV Ransomware Profited $300 Million from 1,000 Victims *

The Terrapin attack can compromise the security of OpenSSH connections *

GitHub Exploited by Hackers to Skirt Detection and Compromise Hosts *

Web Injections Campaign Targets 50000 Users, Stealing Banking Data in Ongoing Threat *

Mr. Cooper Data Breach Exposes 14.7 Million Individuals to Security Risks *

Iran's Gas Stations Hit by Suspected Cyberattack, Causing Widespread Disruption *

Microsoft Reveals High-Severity Remote Code Execution Flaw in Perforce Helix *

Xfinity Reveals Data Breach Following Citrix Server Hack *

Customer Data Exposed in Cyberattack on MongoDB, Company Confirms *

Qbot Malware Resurfaces in Phishing Campaign Aimed at Hospitality Sector *

Google Phishing Ads Target WordPress Hosting Provider Kinsta *

Rhadamanthys Stealer Malware Advances with Enhanced Capabilities *

Ransomware Threats Target Patients of Fred Hutch Cancer Center *

3CX Issues Warning to Disable SQL Database Integrations *

Data Breach at Delta Dental of California Exposes Personal Information of 7 Million Individuals *

U.S. Nuclear Research Lab's Data Breach Affects 45,000 Individuals *

A Cryptocurrency Wallet Supply Chain Attack Stole $600K from Ledger dApps *

NKAbuse Malware Leveraging NKN Blockchain for Covert Comms *

Kraft Heinz Probes Alleged Hack, Assures Normal System Operations *

Hackers Hijack SOHO Routers and VPN Devices with Stealthy KV-Botnet *

Phishing Evolution: BazarCall Adopts Google Forms for Credible Deception *

CISA Warns of Russian Hackers Targeting TeamCity Servers Since September *

Microsoft Takes Control of Domains Selling Fake Outlook Accounts *

Hackers Leverage Public PoC to Exploit Critical Flaw in Apache Struts *

1,450 Exposed pfSense Servers Vulnerable to RCE Attacks via Bug Chain *

Booking-Themed Scam Unleashes New MrAnon Stealer Malware, Targets German Users *

Threat Actor Exploits Recruiters with Malicious More Eggs Backdoor Malware *

Microsoft Warns of OAuth App Exploitation for BEC and Cryptomining Attacks *

Sophos Proactively Backports Remote Code Execution (RCE) Fix for Unsupported Firewalls Post-Attacks *

Russian APT28 Launches Cyber Espionage Campaign Across 13 Nations *

Microsoft Patch Tuesday Security Advisory - December 2023 *

HTML Injection Bug in Counter-Strike 2 Exposes Players' IP Addresses *

University of Wollongong Confirms Data Breach and Alerts Authorities *

Americold, Cold Storage Giant, Confirms Data Breach After Malware Attack in April *

Critical Bug in Backup Migration Plugin Exposes 50K WordPress Sites to RCE Attacks *

Emergency Apple Updates Address Zero-Day Vulnerabilities in Older iPhone Models *

Researchers have Unmasked Sandman APT's Hidden Connection to China's KEYPLUG Backdoor *

The Lazarus Hackers have Released a New RAT Malware Using a Two-Year-Old Bug in Log4j *

A Record 2.6 Billion Users Records have been Exposed by Apple, but End-to-End Encryption Wins Out *

The AutoSpill Attack Steals Passwords from Android Password Managers *

Ransomware Gang Confirms Cyber Hit on California Hospital *

Norton Healthcare Reveals Data Breach Following May Ransomware Attack *

New HeadCrab Variant Exploits Redis Servers for Root Access *

Google Drive Users Continue to Face Challenges Despite Proposed Fix for File Recovery *

Email Sending Challenges in Microsoft Outlook for Users with Extensive Folders *

5Ghoul Vulnerability Strikes Qualcomm and MediaTek Chip-Powered 5G Phones *

Iranian Threat Poses Risk to Israel's Critical Infrastructure Through 'Polonium' Proxy *

New Bluetooth Vulnerability Enables Hackers to Seize Control of Android, Linux, macOS, and iOS Devices *

WordPress Resolves POP Chain Vulnerability, Safeguarding Websites Against RCE Exploits *

Data Breaches at Two Cambridge Hospitals are Caused by Excel Spreadsheets *

Microsoft Alerts on COLDRIVER's Adaptive Evasion Techniques and Credential Theft Strategies *

Russian State-Sponsored Hackers Target NATO Rapid Response Corps in Cybersecurity Breach *

Linux Servers are Infected with the Krasue RAT Malware using Embedded Rootkits *

North Korean Hacker Group Andariel Targets South Korean Companies, Stealing Defense Secrets *

Austal USA, Navy Contractor, Confirms Cyberattack and Data Leak *

US Senator Exposes Government Surveillance via Mobile Notifications on Apple and Google Users *

Qualcomm Discloses Exploited Chip Flaws in Targeted Attacks *

Intel and AMD CPUs are Vulnerable to SLAM Attacks that Steal Sensitive Data *

Critical Infrastructure Routers Face 21 Sierra Vulnerabilities *

Nissan Proactively Investigating Cybersecurity Incident and Assessing Potential Data Breach *

Critical Remote Code Execution Vulnerabilities Patched in Various Atlassian Products *

Go Module Repositories on GitHub: The Growing Threat of Repojacking *

Kali Linux 2023.4 Features GNOME 45 and 15 New Tools in Latest Release *

Cyberattack Confirmed by HTC Global Services after Data was Leaked *

23andMe Confirms Hackers Accessed Data from Millions of Users *

Thousands of Israeli Hospital Documents have been Leaked by Iran-Linked Hackers *

U.S. Government Agencies Compromised Through Exploitation of Adobe ColdFusion Vulnerability by Hackers *

WALA, International Dog Breeding Organization, Reveals 25GB of Pet Owners' Data *

Beware: iPhone Users Alerted to Deceptive Fake Lockdown Mode Attack *

The SpyLoan Android Malware has been Downloaded 12 Million Times from Google Play *

Android Security Updates for December 2023 Address 85 Vulnerabilities, Including a Zero-Day RCE Vulnerability *

More than 20,000 Microsoft Exchange Servers at Risk of Exploitation in Cyber Attacks *

WeMystic Fortune-Telling Platform Exposes Over 13 Million User Records *

Tipalti Probes Allegations of Data Breach Amid Ransomware Attack *

Microsoft Issues Alert on Malvertising Campaign Propagating CACTUS Ransomware *

The Fake Security Advisory Pushes Backdoor Plugins for WordPress *

Russian Cyber Threat Actors Exploit Outlook Vulnerability to Hijack Exchange Accounts *

AeroBlade Hackers Target U.S. Aerospace Sector in Fresh Campaign *

MIPS Devices are Targeted by a Stealthier Version of P2Pinfect Malware *

Revolutionizing Browsing: Google Chrome's Cache Update *

Hospitals are urged to patch Citrix Bleed bug *

Since 2017, North Korea's State Hackers Have Stolen $3 Billion in Crypto *

Pirated Software Distributes Proxy Malware Targeting Mac Users *

Qilin Ransomware Linux Variant Concentrates on Targeting VMware ESXi *

Berglund Management Group Discloses Data Breach Affecting Over 50,000 Individuals in the US *

VMware Resolves Critical Authentication Bypass in Cloud Director After 2 Weeks of Unpatched Vulnerability *

Microsoft Windows KB5032278 Update Introduces Copilot AI Assistant, Addresses 13 Bugs *

Newly Discovered Agent Raccoon Malware Exploited by Hackers to Create Backdoors in US Systems *

Chinese Hackers Employ SugarGh0st RAT in Targeting South Korea and Uzbekistan *

FjordPhantom Android Malware Employing Virtualization for Evasion Tactics *

North Carolina's Hendersonville Exposes Employee Data in Thanksgiving Cybersecurity Breach *

Zyxel Issues Warning on Critical Vulnerabilities Found in NAS Devices *

Staples Confirms Cyberattack as Cause for Service Disruptions and Delivery Challenges *

JAXA, Japan's Space Agency, Falls Victim to Cyberattack *

Apple Addresses Two New iOS Zero-Day Vulnerabilities with Emergency Updates *

UEFI Code Vulnerabilities Exploitable for Bootkit Implantation Through Image Files *

Cybersecurity Incident Impacts Capital Health Hospitals, Resulting in IT Disruptions *

Numerous Undisclosed secrets discovered within application images on Docker Hub *

A Ransomware Attack Exploits Qlik Sense Flaws to Infect Networks with Cactus Ransomware *

Hackers Compromise US Water Facility Through Exposed Unitronics PLCs *

Third-Party Data Breach Affects 2 Million Individuals at Dollar Tree *

Automotive Giant Yanfeng Hit by Qilin Ransomware Attack *

Egyptian E-Payment Provider Recovers After LockBit Ransomware Attack *

US Authorities Seize Sinbad Cryptocurrency Mixer Utilized by North Korean Lazarus Hackers *

Okta Data Breach in October Impacts All Users in Customer Support System *

Play Ransomware Group Targets 17 Victims, Including 14 US-Based Companies *

New 'Xaro' Variant of DJVU Ransomware Poses as Cracked Software to Deceive Users *

Experts Warn of More than 200 Malicious Android Apps Targeting Iranian Banks *

Rapid Exploitation of Critical ownCloud Vulnerability in the Wild *

Google Addresses the Sixth Actively Exploited Zero-Day Vulnerability in Chrome for 2023 *

Critical Vulnerability Uncovered in Ray AI Framework *

Bluetooth Vulnerability BLUFFS Allows Attackers to Take Command of Connections *

Hackers Can Exploit the 'Forced Authentication' Feature to Steal Windows NTLM Tokens *

Government of Serbia accused of using Military-grade Spyware against Critics *

DP World Admits Cybersecurity Breach in Australia, Reveals Data Theft Without Ransomware Deployment *

North Korean Cyber Actors Utilize Hybrid macOS Malware Tactics for Enhanced Stealth and Evasion *

Ransomware Breach Strikes Slovenia's Primary Power Giant, HSE *

Ransomware Attack Disrupts Ardent Hospital Emergency Rooms Across Six States *

Gulf Air Experiences Data Breach, Assures No Impact on Critical Operations *

Ukraine Claims Successful Hack into Russian Aviation Agency, Leaks Data *

QRadar SIEM Vulnerability Enables Remote Attackers to Initiate Denial of Service Attacks *

Ransomware Strike Erases All Player Accounts for Indie Game Developer *

Rivers Casino Customers and Employees' Sensitive Data has been Compromised by Hackers *

Rhysida Ransomware Gang Claims Breach of China Energy *

Google Drive Users Frustrated After Losing Months of Stored Data *

Appscook, School App Developer, Exposes Sensitive Data of Hundreds of Children *

The General Electric Company investigates claims of cyber attack and data theft *

KyberSwap Reports $54.7 Million in Cryptocurrency Stolen in Cyberattack *

APT Attacks Targeting the Afghan Government Use a New Web Shell Called HRServ.dll *

Supply-Chain Attack Unleashes Zero-Day Exploit in UK and South Korea Cybersecurity Incident *

Israel Targeted by Rust-Powered SysJoker Backdoor in Cyberattacks Linked to Hamas *

Confidential Kubernetes Secrets from Fortune 500 Enterprises Unveiled in Public Repositories *

OwnCloud File Sharing App Vulnerability Exposes Admin Passwords *

Neanderthals Exploit Telegram Bot "Telekopye" for Large-Scale Phishing Scams *

Data Breach Exposes Personal Information of 27,000 Members of NYC Bar Association *

CTS Cyberattack Rattles Dozens of UK Law Firms *

Germany's Federal Bar Association Probes Ransomware Attack *

Kansas Courts Affirm Data Breach and Ransom Request Following Cyberattack *

Latest Attacks by Konni Group Utilize Malicious Word Documents in Russian Language *

The Black Basta Ransomware Group has Compromised New Targets *

Widespread Distribution of New WailingCrab Malware Loader Through Shipping-Related Emails *

Indian Railway Catering and Tourism Corporation (IRCTC) Suffers Server Down Affecting E-Ticket Booking *

Expansion of ClearFake Campaign Takes Aim at Mac Systems with Atomic Stealer *

Windows Hello Authentication Bypass Identified on Microsoft, Dell, and Lenovo Laptops *

North Korean Threat Actors Employ Malware Campaigns Disguised as Job Recruiters and Seekers *

Data Breach at Welltok Exposes Information of 8.5 Million US Patients *

Tmax Enterprise software provider Experiences Data Breach, Exposing 2 Terabytes of Information *

Microsoft Reports CyberLink Breach by Lazarus Hackers in Supply Chain Attack *

Dragon Touch Children's Tablet Compromised by Corejava Malware *

Fresh Botnet Malware Leverages Pair of Zero-Day Vulnerabilities to Target NVRs and Routers *

CISA Issues Urgent Directive for Immediate Response to Looney Tunables Linux Vulnerability *

Wolf Haldenstein Adler Freeman & Herz LLP Issued a Data Breach Alert on Midwest Gaming & Entertainment, LLC. *

AutoZone Alerts of Data Breach Due to MOVEit Vulnerability *

Hacktivists Breach U.S. Nuclear Research Lab, Compromising Employee Data *

CISA's Cybersecurity Guide: Safeguarding Healthcare and Public Health Organizations *

Play Ransomware Shifts to Commercial Model, Offered as Service to Cybercriminals *

Deceptive Campaign Aims at Indian Android Users, Impersonating Banks and Government Bodies *

Latest Agent Tesla Malware Iteration Employing ZPAQ Compression in Email-Based Assaults *

South China Sea Tensions Prompt Mustang Panda Hackers Target Philippines Government *

Critical Vulnerability in Industrial Refrigeration Products Patched by Johnson Controls *

LittleDrifter USB Malware Linked to Gamaredon Spreads Outside Ukraine *

Contractor Hacks Lead to Canadian Government's Data Breach Disclosure *

Apache ActiveMQ RCE Exploited by Kinsing Malware to Install Rootkits *

New Version of LummaC2 Malware Unveils Innovative Trigonometry-Based Anti-Sandbox Technique *

Increase in NetSupport RAT Infections: Targeting Government and Business Sectors *

Phobos Ransomware Accuses VX-Underground Malware Collective of Framing *

Indian Hackers Targeting U.S., China, and Other Nations for More Than Ten Years *

FCC Implements New Regulations Safeguarding Consumers Against SIM-Swapping Threats *

RSA Keys Extracted from SSH Server Signing Errors by Researchers *

Russian Hackers Exploit WinRAR and Ngrok Features in Embassy Attacks *

Yamaha Motor's Philippine Subsidiary Hit by Ransomware Assault *

Discord Phishing Scam Emerges Following Bloomberg Crypto X Account Mishap *

CISA Adds Three Actively Exploited Vulnerabilities in Windows, Sophos, and Oracle into KEV Catalog *

Vietnam Post Corporation Leaks 1.2TB of Data, Revealing Email Addresses of Employees *

Deceptive Google Ads Lure WinSCP Users into Installing Malicious Software *

Security Researchers Uncover Malicious Packages on PyPI and NPM Repositories Targeting Developers *

Fortinet Alerts Users to Critical Command Injection Vulnerability in FortiSIEM *

Experts Reveal DarkCasino as New APT Threat Leveraging WinRAR Security Flaw *

Ransomware Group Lodges SEC Complaint Regarding Victim's Unreported Breach *

Exploitation of Zimbra Email Software's Zero-Day Flaw by Four Hacker Groups *

Toyota Acknowledges Security Breach as Medusa Ransomware Threatens Data Leak *

Significant Data Breach Reported at Smart WiFi Provider Plume by Alleged Hackers *

Long Beach, California Shuts Down IT Systems Following Cyberattack *

FBI Exposes Tactics Used by the Notorious Scattered Spider Hacker Group *

Google Workspace and Cloud Platform Vulnerable to Potential Ransomware Exploits *

FBI and CISA Alert on Opportunistic Rhysida Ransomware Attacks *

Toronto Public Library Acknowledges Data Breach in Ransomware Attack *

North Carolina County Faces Unauthorized Data Access in Cyberattack by Hackers *

Australian Agency Raises Alarm Over Threat from State-Supported Hackers *

Dolly.com's Ransom Payment Doesn't Stop Attackers from Releasing Data *

Latest PoC Exploit for Apache ActiveMQ Vulnerability Enables Low-Profile Attacks *

Denmark's Critical Infrastructure Faces Largest Coordinated Cyberattack, Targeting 22 Energy Firms *

PJ&A Cyberattack Exposed Nearly 9 Million Patient Records *

Recent Data Breach Impacts Customers of Samsung's UK Store *

FBI Announces Success in Disrupting IPStorm Botnet and Its 23,000 Malicious Proxies *

Targeted Attacks on MySQL Servers and Docker Hosts Using DDoS-Enabled Malware Detected by Researchers *

LockBit Ransomware Exploits Citrix Bleed Vulnerability, Exposing 10,000 Servers in Attacks *

Truepill Pharmacy Platform Reports Data Breach Affecting 2.3 Million Customers *

VMware Reveals Critical Authentication Bypass in VCD Appliance Without Available Patch *

New Reptar CPU Bug Impacts Intel's Desktop and Server Systems *

Vulnerability in WP Fastest Cache Plugin Puts 600k WordPress Sites at Risk of Attacks *

Vietnamese Cybercriminals Employ Delphi-Based Malware to Attack Indian Marketing Professionals *

Critical Azure CLI Vulnerability Addressed by Microsoft, Preventing Credential Leakage in Logs *

AMD CPU Vulnerability "CacheWarp" Allows Root Access in Linux VMs *

Microsoft Patch Tuesday Security Advisory - November 2023 *

Chinese Hackers Conduct Stealthy Espionage Assaults on 24 Cambodian Entities *

Lorenz Extortion Group Leaks Stolen Data from Cogdell Memorial Hospital in Texas *

IP Criminality & Advanced Cyber Threat Analysis with Cisco SecureX-XDR *

Emergence of a New Ransomware Faction Armed with Hive's Source Code and Infrastructure *

Ethereum's 'Create2' Function Abused in $60M Cryptocurrency Theft *

DP World Hit by Cyberattack, Paralyzing Thousands of Containers in Ports *

"Chess.com" Grapples with Dual Data Breaches as Threat Actors Leak 1,276,000 Scraped User Records *

Israel Alerts Organizations to BiBi Malware Wiper Attacks Targeting Linux and Windows *

Microsoft Issues Alert Regarding Fraudulent Skills Assessment Portals Targeting IT Job Seekers *

Microsoft Resolves Slow Saving Issues in Outlook Desktop with Bug Fix *

Tri-City Medical Center in Oceanside is Impacted by Ongoing Cyberattacks *

Law Enforcement Dismantles BulletProftLink, a Major Phishing Service Provider *

Data Breach at McLaren Health Care Impacts 2.2 Million People *

Healthcare Organizations Compromised as Hackers Exploit ScreenConnect Remote Access *

Iran-Linked Imperial Kitten Cyber Group Focuses its Attack on Middle East Entities *

Mr. Cooper, Major Mortgage Servicer Reports Customer Data Exposure in Security Breach *

Microsoft Warns of BlueNoroff Hackers Plans for Fresh Crypto Theft Attacks *

Maine Government Alerts 1.3 Million Individuals About MOVEit Data Breach *

Clop Ransomware Attacks Exploit Zero-Day Flaw in SysAid, Microsoft Reports *

Anonymous Sudan Claims Responsibility for DDoS Attack Leading to Cloudflare Website Outage *

Google Ads Distribute Malicious CPU-Z App via Counterfeit Windows News Site *

Ransomware Attack Affects 39,000 Individuals at Kyocera AVX *

Ransomware Attack Strikes Industrial and Commercial Bank of China *

Microsoft Provides Temporary Solution for Windows Server 2022 VMs Facing Issues *

Russian Hackers Employ LOTL Technique to Potentially Trigger Power Outages *

Data Breach at Perry Johnson & Associates, Inc. Impacts Cook County Health due to Security Incident *

CISA Issues Alert as High-Severity SLP Vulnerability Faces Active Exploitation *

Microsoft Enhances Windows 11 Security by Eliminating SMB1 Firewall Rules *

Iranian Hackers Employing New C2 Framework MuddyC2Go to Target Israel *

Datacenter Overheating Disrupts 2.5 Million Bank Transactions *

Sberbank Confronts Massive DDoS Attack with 1 Million Requests Per Second *

Undetectable Crypto Mining Technique Revealed in Azure Automation by Researchers *

Security Alert: Python Packages on PyPI Infected with Blaze Stealer Malware *

WhatsApp Unveils Enhanced Privacy Feature: Safeguarding IP Addresses During Calls *

Major Outage Knocks ChatGPT Offline, Affecting OpenAI Systems *

Hacker Exposes 35 million LinkedIn User Database on Breach Forums *

Russian-speaking Threat Actor "Farnetwork" Connected to Five Ransomware Groups *

FBI Warns of Ransomware Gangs Targeting Casinos via Third-Party Gaming Vendors *

Security Breach Unveiled by Sumo Logic, Recommends API Key Resets *

Japan Aviation Electronics Reports Unauthorized Server Access in Recent Cyberattack *

Android Security Updates for November 2023 Address 37 Vulnerabilities *

BlueNoroff Hackers Utilize ObjCShellz Malware to Create Backdoors on Macs *

GootLoader's Advanced Malware Variant Operates Covertly and Expands Swiftly *

Cisco Addresses 27 Vulnerabilities with Security Updates for Network Security Products *

Fraudulent Ledger Live App on Microsoft Store Scams Users out of $768,000 in Cryptocurrency *

Emergence of New Jupyter Infostealer Version with Advanced Stealth Tactics *

Marina Bay Sands Discloses Data Breach Impacting Information of 665,000 Customers *

China-Based E-commerce Store "Zhefengle" Exposes Millions of Chinese Citizen IDs *

Hilb Group Reveals Email Security Breach Impacting Personal Data of 81,000 Individuals *

QNAP's Alert on Critical Command Injection Vulnerabilities in QTS OS and Apps *

Multi-Platform Attack by SideCopy Threat Actor Utilizes WinRAR Zero-Day and Ares RAT to Target Indian Organizations *

Ransomware TellYouThePass Executes Remote Code Execution (RCE) Attack on Apache ActiveMQ *

Android Security Bypassed by Cybercrime Service for Malware Installation *

Veeam Issues Critical Bug Warnings for Veeam ONE Monitoring Platform *

Google Alerts Users to Possible Misuse: Cybercriminals Using Calendar Service as a Covert C2 Channel *

Socks5Systemz Proxy Service Compromises 10,000 Systems Globally *

DarkGate Malware Exploiting Microsoft Installer Files After Targeting Microsoft Teams *

DDoS Attacks Cause Disruptions in Singapore's Public Health Services *

Kinsing Actors Leveraging Latest Linux Vulnerability to Compromise Cloud Environments *

NodeStealer Malware Exploiting Facebook Business Accounts to Run Malicious Advertisements *

Allied Pilots Association of American Airlines Pilots Reveals Ransomware Attack *

CanesSpy Spyware Distributed Using Altered WhatsApp Versions *

Microsoft Exchange New Zero-Day Vulnerabilities Enable Remote Code Execution and Data Theft Attacks. *

Boeing Company Affirms Cyberattack Involving LockBit Ransomware *

Cloudflare's Data Center Power Outage Disrupts Dashboard and API Services *

Researchers Identify 34 Windows Device Drivers Vulnerable to Complete Device Compromise *

Employee Records at OKTA Exposed in Third-Party Vendor Breach of Rightway Healthcare *

Atlassian Issues Urgent Warning for Patching After Confluence Data Wiping Vulnerability Exploit *

Iran's MuddyWater Launches Spear-Phishing Campaign Targeting Israel *

Cyberattack Targets Mortgage Giant Mr. Cooper, Disrupting IT Operations *

Ace Hardware Reports Cyberattack Affecting 1,202 Devices *

Hackers from North Korea are Targeting Crypto Experts with KANDYKORN MacOS Malware *

Critical Vulnerabilities in F5 BIG-IP Products Actively Exploited in the Wild *

Mysterious Kill-Switch Deactivates Mozi Malware Botnet Operations *

CVSS 4.0: New Vulnerability Severity Rating Standard Unveiled *

Middle East Financial and Government Sectors Targeted by Iranian Cyber Espionage Group *

Citrix Bleed Vulnerability Exploited by Hackers in Global Government Network Attacks *

Over 3,000 Internet-Facing Apache ActiveMQ Servers at Risk of Remote Code Execution Attacks *

Avast Antivirus SDK Misidentifies Google App as Malware on Huawei, Vivo, and Honor Smartphones *

British Library Faces Weekend Cyberattack, Leading to Internet Access Disruptions *

Discovery of Malicious NuGet Packages Distributing SeroXen RAT Malware *

Bluetooth Spam Attacks Inspired by Flipper Zero Now Available as Android App *

The Elektra Leak Campaign Leveraging Exposed AWS IAM Credentials on GitHub for Cryptocurrency Mining Attacks *

Hackers Exploiting MSIX App Packages to Spread GHOSTPULSE Malware on Windows PCs *

SEC Files Lawsuit Against SolarWinds for Investor Misrepresentation Preceding 2020 Cybersecurity Breach *

New Phishing Campaign Utilizes Disguised Remcos RAT as Fake Payslip *

Bibi-Linux Wiper Malware Launches Destructive Attacks on Israeli Organizations *

Cyberattack Disrupts Toronto Public Library Services Over the Weekend *

India's Biggest Data Breach: 815 million COVID Test Records for Sale, Sample Authenticity Confirmed *

Hunters International Ransomware: A Potential Rebranding of Hive *

Check Point Records a High Surge in QR Code Quishing Compared to the Previous Year *

Researchers Discovered XMPP-Based Instant Messaging was Being Wiretapped *

Nevada School District Parents Receive Emailed Student Data Stolen by Hackers *

Android Adware Apps on Google Play Accumulate Over Two Million Installs *

Latest iLeakage Exploit Extracts Email Addresses and Passwords from Apple Safari *

Microsoft Reveals Octo Tempest as a Significant Threat to Financial Security *

Critical Vulnerability in NextGen's Mirth Connect Puts Healthcare Data at Risk *

StripedFly Malware Framework Infects Over One Million Windows and Linux Systems *

Iranian APT Group Tortoiseshell Unleashes Fresh IMAPLoader Malware Assaults *

Seiko Discloses Ransomware Breach Compromising Customer Data *

Alleged Cybersecurity Incident: Researcher Reports Exposure of 12 Million Patient Records at Redcliffe Labs; Company Denies Data Breach *

Potential Data Breach: 1.2 Million Airbnb User Records Reportedly Exposed *

Ransomware Attack by Rorschach Gang Disrupts Chile's Telecom Giant GTD *

GoPIX Malware Malvertising Campaign Takes Aim at Brazil's PIX Payment System *

European Government Email Servers Hacked Using Roundcube Zero-Day Exploit *

ASVEL Basketball Team Acknowledges Data Breach After NoEscape Group's Ransomware Attack Assertion *

Security Breach Impacts Five Canadian Hospitals Linked to TransForm Health Services Provider *

Modified Backdoor on Compromised Cisco Devices Evades Detection *

VMware Issues Alert About POC Availability for vRealize RCE Vulnerability *

1Password Identifies Suspicious Activity in Wake of Okta Support Breach *

BHI Energy Discloses Details of Akira Ransomware Attack on Its Systems *

City of Philadelphia Reveals Data Breach After Five Month Delay *

Firebird Backdoor by DoNot Team Targets Pakistan and Afghanistan *

Quasar RAT Exploits Dual DLL Side-Loading Technique for Covert Operations *

Associated Wholesale Grocers Claimed as a Victim by Play Ransomware Group *

Researchers Discover ExelaStealer, a Low-Cost Information Stealer Targeting Windows Systems *

American Family Insurance Confirms IT Outages Caused Due to Cyberattack *

TetrisPhantom Hackers Target Government Systems in Asia-Pacific, Stealing Data from Secure USB Drives *

Thousands of Devices Infected with Malicious Lua Backdoor Exploiting Cisco Zero-Day Vulnerability *

Significant Remote Code Execution Vulnerabilities Discovered in SolarWinds Access Audit Solution *

Okta Support System Breached Through Compromised Credentials *

DarkGate Malware Strikes U.K., U.S., and India in Vietnamese Hacking Campaign *

A Cyberattack Disrupts the Operations of Healthcare Solutions Giant Henry Schein *

Fraudulent KeePass Website Leverages Google Ads and Punycode to Distribute Malware *

Iran-Linked OilRig Launches 8-Month Cyber Campaign Targeting Middle East Governments *

BlackCat Ransomware Employing Innovative 'Munchkin' Linux VM for Covert Attacks *

A Malware Framework Named MATA Exploits EDR to Attack Defense Firms *

Casio's Data Breach Affects Customers in 149 Countries *

Synology's DiskStation Manager Admin Takeover Vulnerability Exposes NAS Devices *

Data Breach at TrueCoin's Third-Party Vendor Exposes TUSD User Information *

Lazarus Group Uses Trojanized VNC Apps to Deceptively Target Defense Experts with Fake Interviews *

Qubitstrike's Campaign Targets Cloud Environments via Jupyter Notebooks for Crypto Mining *

Security Research Reveals IT Administrators' Use of Weak Passwords on Critical Portals *

ClearFake Introduces Deceptive Browser Updates for Malware Distribution *

North Korean Hackers Exploit Critical TeamCity Vulnerability to Breach Networks *

Ampersand, a TV Advertising Sales Giant Hit by Ransomware Attack *

Knight Ransomware Group Claims BMW Munique Motors Cyberattack *

D-Link Confirms Data Breach as Data Appears on Sale at BreachForums *

The SpyNote Android Malware Spreads Through Fake Alerts about Volcanic Eruptions *

Nation-State Hackers Leveraging Discord Platform to Target Critical Infrastructure *

Open Source CasaOS Cloud Software Reveals Significant Security Vulnerabilities *

Vulnerabilities in Weintek HMIs Pose Significant Security Risks *

The 'RedAlert' Rocket Alert App for Israel was Found to Install Spyware on Android Devices *

Cisco Issues Alert Regarding Actively Exploited Zero-Day Vulnerability in IOS XE *

Threat Actors are Exploiting Potential Milesight Industrial Router Vulnerability *

Kansas Courts Shutdown IT Systems Following Security Incident *

Critical Vulnerability in WordPress Royal Elementor Plugin Exploited by Hackers *

Russian Hackers Exploit Latest WinRAR Vulnerability in Fresh Campaign *

Researchers Warn Against SpyNote, an Android Trojan that Records Calls and Audio *

Vietnam Faces Accusations of Utilizing Predator Spyware for Surveillance of EU and US Legislators *

AI Algorithm Developed to Counter Man-in-the-Middle Attacks on Unmanned Military Robots *

Steam Platform Enforces SMS Verification to Prevent Malware-Laden Updates *

Indian State Government Addresses Bug Exposing Aadhaar Numbers and Fingerprints *

Juniper Networks Addresses Over 30 Vulnerabilities in Junos OS with Security Patches *

Mysterious Network Incident Triggers Kwik Trip IT Systems Outage *

DarkGate Malware Disguised as PDF Files Spreads Through Messaging Services *

Latest PEAPOD Cyberattack Initiative Focuses on Female Political Leaders *

Shadow PC Issues Data Breach Warning as Hacker Attempts to Sell Gamer Data *

FBI Releases AvosLocker Ransomware Technical Analysis and Defense Strategies *

ToddyCat Hackers Employ 'Disposable' Malware for Asian Telecoms' Targeted Attacks *

ShellBot Employing Hex IPs for Evasion in Linux SSH Server Attacks *

NuGet Developers Infected by SeroXen RAT Through Malicious Solana and KuCoin Packages *

Philippine Statistics Agency Investigates Suspected Data Breach *

Simpson Manufacturing's Cyberattack Results in IT System Suspension *

Enterprise Systems Vulnerable to Critical SOCKS5 Vulnerability in cURL *

LinkedIn Smart Links Resurge in Phishing Campaigns Against Microsoft Accounts *

CISA Alerts to Ongoing Exploitation of Adobe Acrobat Reader Vulnerability *

Deceptive Backdoor Targets WordPress Sites by Posing as Genuine Plugin *

Chrome 118 Addresses 20 Security Vulnerabilities with Patches *

Unprecedented DDoS Assaults Leveraging Zero-Day Flaw in HTTP2 Rapid Reset Technique *

Air Europa Data Breach Sparks Urgent Warning to Customers Cancel their Credit Cards *

Safexpay Technology's Payment Gateway Breach Unveils Rs 16,180 Crore Scam *

Critical Citrix NetScaler Vulnerabilities Exposes Sensitive Data *

Massive Ad Fraud Botnet PEACHPIT Harnesses Millions of Compromised Android and iOS Devices *

Researchers Detect Grayling APT's Continuous Attacks on Various Sectors *

Mirai Variant Targets Linux Routers with 13 New Payloads *

Microsoft Patch Tuesday Security Advisory - October 2023 *

Critical Memory Corruption Vulnerability in libcue Library Threatens Linux GNOME Environments *

IoT Security Concerns Raised Due to Flaws in ConnectedIO's 3G 4G Routers *

D-Link WiFi Range Extender Susceptible to Command Injection DoS Attacks *

Over 17,000 WordPress Sites Targeted by Balada Injector by Exploiting Unpatched tagDiv Plugin *

Magecart Card Skimming Campaign Manipulate Online Store 404 Pages for Credit Card Theft *

Israeli Energy and Defense Sectors Targeted by Cyber Threat Actor with Gaza Ties *

Flagstar Bank Suffers Third Data Breach Since 2021, Impacting 800,000 Customers *

Microsoft 365 Administrators Receive Cautionary Notice About Recent Google Anti-Spam Regulations *

D.C. Board of Elections Confirms Voter Data Breach in Website Hack *

23andMe Genetics Company Reports User Data Breach in Credential Stuffing Attack *

Blackbaud Reaches $49.5 Million Settlement Over Ransomware Data Breach *

Backdoored Firmware Discovered in Android Devices Used in US Schools *

Multiple Critical Vulnerabilities Uncovered in Supermicro BMC IPMI Firmware *

3 Million Customer Records Exposed in Major CRM Provider Really Simple Systems Data Breach *

Lyca Mobile Probes Customer Data Breach Following Cyberattack *

Cyber Espionage Campaign Linked to China Deploys Cobalt Strike Backdoor in Semiconductor Firms *

New Android Trojan GoldDigger Targets Financial Apps in Asia Pacific *

Cyber Espionage Attack Targets Guyana Governmental Entity with DinodasRAT *

BitSight Uncovers 100,000 Vulnerable Industrial Control Systems (ICS) Exposed to Cybersecurity Risks *

Data Breach at European Telecommunications Standards Institute (ETSI) Following Cyberattack *

Atlassian Releases Critical Patch for Exploited Zero-Day Vulnerability in Confluence *

Hackers Exploit Breached SQL Servers to Target Azure Cloud VMs *

Cisco Resolves Hard-Coded Root Credentials Vulnerability in Emergency Responder *

Sony Confirms Data Breach Affecting Thousands of Employees in the United States *

Researchers Uncover Connection Between DragonEgg Android Spyware and LightSpy iOS Surveillanceware Tool *

New Supply Chain Attack Unleashes Open-Source Rootkit via Rogue npm Package *

Critical Apple Update Addresses Zero-Day Vulnerability Exploited in iPhone Hacks *

Cyber Security Vulnerability at National Logistics Portal (Marine) Exposes Sensitive Data *

Security Flaws in TorchServe Enable Remote Code Execution in PyTorch Models *

Mirai Botnet's Latest Variants hailBot, kiraiBot, catDDoS Found Active in Recent Attacks *

MEDUSA Ransomware Group Claims Attack on Two New Victims *

Qualcomm Releases Patch for 3 New Zero-Days Under Active Exploitation as Hackers Target GPU and DSP Drivers *

'Looney Tunables' Linux Bug Grants Root Privileges on Major Distributions *

EvilProxy Exploits indeed.com's Open Redirect for Microsoft 365 Phishing *

Lorenz Ransomware Group Launches a Major Cyberattack on Allcare Pharmacy *

Ransomware Threat Groups Targeting JetBrains' TeamCity Servers *

Arm Alerts about Exploited Mali GPU Flaws, Suspects Targeted Attacks *

Motel One Group Reveals Data Breach After Ransomware Attack *

Zanubis Android Banking Trojan Impersonates Peruvian Government App to Target Users *

Exim Releases Patches for Three of Six Zero-Day Vulnerabilities Disclosed Recently *

Zip Slip Vulnerability in OpenRefine Leads to Malicious Code Execution *

BunnyLoader, New Malware-as-a-Service (MaaS) Threat Emerges with New Capabilities *

Iran's APT Group OilRig Unleashes Menorah Malware for Stealthy Operations *

DDoS protections provided by Cloudflare ironically bypassed. *

RSA Decryption Vulnerability from 1998 Returns in Marvin Attack *

Amazon Accidentally Sends Out Mastercard and Google Play Gift Card Order Emails *

WS_FTP Server Hotfixes Released by Progress Software for Multiple Security Flaws *

The New ASMCrypt Malware Loader Allows Cybercriminals to Fly Under the Radar *

An Exploit has been Released for the Microsoft SharePoint Server Authentication Bypass Flaw *

Zero-day RCE Attacks on Millions of Exim Mail Servers *

Cisco Alerts About Exploitation Attempts Post Vulnerability Discovery in IOS and IOS XE Software *

Critical Flaw in Cisco Catalyst SD-WAN Manager Enables Remote Server Access *

Microsoft Breach by Chinese Hackers Results in Theft of 60,000 U.S. State Department Emails *

Malware-Infested Ads Infiltrating Bing's AI Chatbot *

Progress Software Issues Warning About Critical Vulnerability in WS FTP Server Software *

Password-Stealing Commits Disguised as Dependabot Contributions Target GitHub Repositories *

Budworm Hackers Launch Custom Malware Attacks on Telcos and Government Organizations *

Firefox 118 Addresses High-Severity Vulnerabilities with Security Patches *

DarkBeam Exposes Massive Cache of Email and Password Combinations in DataBreach *

Researchers Discover Modern GPUs Vulnerable to New GPU.zip Side-Channel Attack *

Malicious PyPI and npm Packages Utilised in SSH Key Compromises *

US and Japan Warn of BlackTech Hackers Backdooring Cisco Routers *

Johnson Controls, a Leading Building Automation Company, Falls Victim to Ransomware Attack *

Google Resolves the Fifth Actively Exploited Zero-Day Vulnerability in Chrome for 2023 *

ZenRAT Malware Targeting Windows Users by using the Fake Password Manager Software *

PhilHealth Faces $300K Ransom Demand Following Data Breach *

Google Reassigns Top CVE Rating to libwebp Vulnerability Impacting Browsers and Applications *

ShadowSyndicate Cybercriminals Linked to Multiple Ransomware Operations Across 85 Servers *

Chinese Hackers in Multi-Year Campaign Target South Korean Organizations *

American Red Cross Exploited as Phishing Lure by New AtlasCross Hackers *

Openfire Flaw Exploited by Hackers to Encrypt Servers *

ZeroFont Phishing Manipulates Microsoft Outlook to Display Fake AV Scans *

Critical JetBrains TeamCity Flaw Exposes Source Code and Build Pipelines *

Hong Kong Consumer Watchdog Hit by Severe Ransomware Attack *

Clop Ransomware Attack on BORN Ontario Child Registry Affects 3.4 million Individuals *

Mixin Network Halts Operations After Suffering a $200 Million Hack *

Critical BIND DNS System Vulnerabilities Enable DoS Attacks *

Three Unique Categories of Cyberattacks with Ties to China Targeting Southeast Asian Government Entities *

Xenomorph Android Malware Targets U.S. Banks and Cryptocurrency Wallets *

Phishing Campaign Lured as Drone Manuals Targets Ukrainian Military *

Spyware Operation EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese Through Watering Hole Attacks *

Data Breach at National Student Clearinghouse Affects 890 Schools *

Sony Corporation Allegedly Breached by RANSOMEDVC Ransomware Group *

Nansen, a Cryptocurrency Analytics Company, Urges Password Resets After Vendor Data Breach *

OpenSea API Users Requested to Rotate API Token Following a Third-Party Security Breach *

Stealthy and Modular Deadglyph Malware Cyberespionage Attack Targets Middle East Government Entities *

Gelsemium APT Group Targeting Southeast Asia's Government Entities *

Data Breach at Ohio Community College Exposes Nearly 300,000 Individuals *

Spyware Attacks Exploit Newly Resolved Apple and Chrome Zero-Day Vulnerabilities *

BBTok Banking Trojan's Latest Variant Takes Aim at Moreover 40 Latin American Banks *

Bermuda Government Attributes Cyberattack to Russian Hacker Group *

Cybercriminals Redirect Hotel Guests to Fake Booking.com Site to Swipe Credit Card Information *

Atlassian Addresses High-Severity Vulnerabilities with Security Updates *

New LuaDream Malware Used by 'Sandman' Hackers to Infiltrate Telecommunication Providers *

Suspected Ukrainian Hacker Linked to 'Free Download Manager' Malware Attack *

CISA and FBI Warns About Snatch Ransomware Group's Attacks *

Air Canada Confirms Security Breach, Reveals Exposure of Employee Records *

Cyber Group 'Gold Melody' is Marketing Compromised Access to Ransomware Attackers *

Apple Releases Urgent Updates to Fix Three Zero-Day Exploits *

Pizza Hut Australia Faces Data Breach Affecting 200,000 Customers *

Researchers Found Fake POC on GitHub Distributing VenomRAT Malware *

Hackers Selling Over 2million Pakistanis' Data from Restaurants After a Massive Breach *

City of Pittsburg Suffers Cyberattack Results in Outage *

Advanced Phishing Attacks Aimed at Chinese Users Using ValleyRAT and Gh0stRAT Malwares *

Nagios XI Network Monitoring Software Fixes Critical Security Flaws *

Security Flaws in Atos Unify Expose Systems to Backdoor Attacks *

Fortinet Releases Critical Security Updates for FortiOS, FortiProxy, and FortiWeb Products *

P2PInfect Botnet Updates to Stealthier Variant with Activity Surges by 600 Times *

T-Mobile App Glitch Exposes User Account Information to Others *

Hackers from China Target North American and APAC Firms with Web Skimmer Campaigns *

New Rust-Based Malware Campaign 'Operation Rusty Flag' Targets Azerbaijan Entities *

AMBERSQUID Cryptojacking Operation Attacks Leverages AWS Services *

Phishing Attack Targets Victims of Celsius Crypto Bankruptcy *

Hackers Employ new HTTPSnoop and PipeSnoop Malware to Target Telecom Companies *

Next-Gen Android Banking Trojan Hook Builds Upon ERMAC's Legacy *

International Criminal Court Systems Compromised in Recent Cyber Attack *

GitLab Urges on Users to Apply Critical Pipeline Flaw Security Updates *

Trend Micro Fixes a Critical Zero-Day vulnerability in Apex One Endpoint Security Products *

Hackers from APT36 Infect Android Devices with Clones of the YouTube App *

Unauthenticated RCE vulnerability Affects Thousands of Juniper Devices *

Bumblebee Malware Makes a Comeback, Leveraging WebDAV for New Assaults *

38TB of Private Data leaks from Microsoft's Unsecured Azure Storage *

SprySOCKS, a New Linux Malware, has been Used in Cyber Espionage Attacks *

Shell's Australian BG Group Business Affected by MOVEit Breach *

Lazarus Group Targets CoinEx Exchange in Ongoing Cryptocurrency Platform Attacks *

Cuba Ransomware Gang Targets Mutiple Sectors with Newly Updated Malware *

UNC3944, a Financially Motivated Threat Actor, Shifts Efforts Toward Ransomware Attacks *

TikTok Flooded with Cryptocurrency Giveaway Scams Impersonating 'Elon Musk' *

Auckland Transport Authority Experiences Alleged Ransomware Attack *

Ransomware Attack on ORBCOMM Leads to Disruption in Trucking Fleet Management *

Retool Attributes Security Breach to Google Authenticator's MFA Cloud Sync Function *

NodeStealer Malware Targets Facebook Business Accounts Across Various Browsers *

MGM Casino Faces Ransomware Attack with ESXi Server Encryption *

Caesars Entertainment Pays Ransomware After Suffering a Data Breach *

Microsoft Discovers Flaws in the ncurses Library that Exposes Linux and macOS Systems *

Malicious Google Ads Exploit Cisco Webex to Distribute Malware via Tracking Templates *

Iranian Cyberattackers Infiltrate Defense Organizations through Password Spray Tactics *

Proof-of-Concept Exploit Demonstrates Windows 11 'ThemeBleed' RCE Vulnerability *

Vulnerability in N-Able's Take Control Agent Exposes Windows Systems *

Rollbar Discloses a Data Breach, Exposing its Clients Access Tokens *

Airbus Launches Inquiry After Hacker Exposes Data *

Mozilla Addresses Critical Zero-Day Exploit in Firefox and Thunderbird by Patching WebP Vulnerability *

Kubernetes Flaws Expose Windows Endpoints to Remote Attacks *

Hackers Employ 3AM Ransomware to Salvage Unsuccessful LockBit Assault *

Eight Vulnerabilities Exposed in Microsoft Azure HDInsight Analytics Service *

The Latest WiKI-Eve Attack is Capable of Stealing Numeric Passwords Through WiFi *

Espionage Group 'Redfly' Quietly Exploits Power Supplier's Network for Half a Year *

Adobe Exploited the Zero-Day Vulnerability in Acrobat and Reader Software *

MetaStealer Malware Takes Aim at Apple macOS in Recent Attacks *

GitHub Fixes a Security Vulnerability which Exposed More Than 4,000 Repositories to Repojacking Attack *

Advanced Phishing Operation Targets Windows Machines by Utilizing Agent Tesla, OriginBotnet, and RedLine Clipper *

Microsoft Patch Tuesday Security Advisory - September 2023 *

Rhysida Ransomware Group Continues its Attack on US Hospitals with Demanding 1.3 million Dollar Ransom *

Newly Emerged Sponsor Backdoor by Charming Kitten Targets Brazil, Israel, and U.A.E. Entities *

MGM Resorts Suffers a Cyberattack, Resulting in the Shutdown of IT Systems *

HijackLoader Modular Malware Gains Traction in Cybercrime Circles *

Google Addresses Another Chrome Zero-Day Vulnerability Exploited in Attacks *

Vietnamese Cybercriminals Use Facebook Messenger to Distribute Python Stealer *

New Steal-It Campaign Steal NTLMv2 Hashes from Compromised Windows Using PowerShell *

Malicious Telegram Clones on Google Play Infect Over 60,000 Users with Spyware *

Phishing Campaign in Microsoft Teams Distributes DarkGate Malware *

Cybercriminals Exploit Genuine Advanced Installer Tool for Crypto-Mining Attacks *

Cybercriminals Steals More Than $690,000 Following Takeover of Vitalik Buterin's Twitter Profile *

Dymocks Booksellers Data Breach Impacts 836000 Customers *

Ragnar Locker Ransomware Gang Claims Responsibility for Israel's Mayanei Hayeshua Hospital Cyber Attack *

Cisco is Warning About Zero-Day Exploit of Cisco ASA and FTD Software in the Wild *

Notepad++ Releases Version 8.5.7 to Resolve Four Security Flaws *

Apache Superset Flaws Exploit Enables Remote Code Execution Attacks on Servers *

Google Looker Studio Exploited in Phishing Attacks to Target Cryptocurrency Enthusiasts *

Apple Releases Emergency Updates to Fix Two Actively Exploited Zero-Day Vulnerabilities Targeting iPhones and Mac *

Security Experts Warn of Iranian Hackers Using Fortinet and Zoho Flaws in Breach of US Aviation Organisations *

IBM Reveals Data Breach Affecting Janssen Healthcare Platform *

Cisco BroadWorks Platform Affected by Authentication Bypass Flaw *

Mirai Variant Strikes Low-Cost Android TV Boxes, Turning Them into DDoS Weapons *

Dunghill Leak Ransomware Group Claims Responsibility for Sabre Data Breach *

Security Researchers Uncovered Nine Vulnerabilities in SEL's Power Management Products *

September 2023 Android Updates Addresses Multiple Vulnerabilities Including an Actively Exploited Zero-Day *

New SideTwist Backdoor and Agent Tesla Variant Unleashed via Phishing Campaigns *

IOS Devices Can be Exploited with Flipper Zero's Bluetooth Spam Attack Functionality *

Microsoft Signature Key Stolen from Windows Crash Dump Used by Storm-0558 to Target Organizations *

W3LL's Phishing Kit Breaches Thousands of Microsoft 365 Accounts, via Bypassing MFA *

NXP Semiconductors Alerts its Customers to Data Breach Impacting Personal Information *

Critical Remote Code Execution Vulnerabilities Found in ASUS Routers *

Coffee Meets Bagel Confirms Recent Outage Caused Due to Cyberattack *

Chaes Malware Incorporates Google Chrome DevTools Protocol for Data Theft *

Zero-Day Vulnerability in Atlas VPN Exposes Users Actual IP Addresses *

MinIO Storage System Vulnerabilities Exploited by Hackers to Compromise Servers *

Zaun, a Fence System Company's Data Breach, Exposes Sensitive Data about UK Military Sites *

Freecycle Confirms Enormous Data Breach Affecting 7 Million User Accounts *

An Attack on a German Financial Agency's Website Began in September 2023 Has Been Disrupted Ever Since *

Chinese-Speaking Hackers Unleash Extensive iMessage Smishing Campaign Across the United States *

Vietnamese Cybercriminals Employing Malicious Malvertising Campaign to Target Facebook Business Accounts *

Security Researchers Discover Breach of Ayush Jharkhand Portal, Exposing Records of 320,000 Patients *

Okta Issues Warning About Social Engineering Attacks Targeting Super Administrator Privileges *

Plaintext Passwords can be Stolen from Websites using Chrome Extensions *

A Data Breach at the University of Sydney has Affected Recent Applicants *

Vulnerability in VMware SSH Authentication Bypass Now Has an Exploit in the Wild *

Emerging SuperBear Trojan Utilized in Targeted Phishing Attack Against South Korean Activists *

Russian-Backed 'Infamous Chisel' Android Malware Targeting the Ukrainian Military *

Cybercriminals Focusing on Microsoft SQL Servers for FreeWorld Ransomware Deployment *

Threat Actors Hacked Sourcegraph Website Using a Leaked Admin Access Token *

Earth Estries' Targets Governments and Tech Companies from Multiple Continents in an Espionage Campaign *

LogicMonitor SaaS Platform Users Targeted in Ransomware Attacks *

Hackers Breach Forever 21 Systems to Access more than 500,000 Members Information *

Lazarus Hackers from North Korea Linked to VMConnect Malicious Packages on PyPI *

Anonymous Sudan Shuts Down X Platform in Demand for Elon Musk's Starlink Service *

Windows Container Isolation Framework can be Exploited by Hackers to Bypass Endpoint Security *

Paramount Suffers a Data Breach After a Security Incident *

Google Chrome Security Patch Released to Fix High-Severity Vulnerability *

VMware Warning About a Critical SSH Authentication Bypass Flaw in VMware Aria Operations *

All in One WP Migration Flaw Exploit Could Result in a Data Breach *

DreamBus Malware Infects Servers by Exploiting a Vulnerability in RocketMQ *

Chinese Hackers Suspected of Breaching Japanese Cybersecurity Agency in Prolonged Attack *

Hackers Utilize Automated Tools to Overwhelm Mobile Devices with OTP SMS Messages *

Cisco VPNs Compromised Through Brute Force Attacks in Hacking Campaign *

DarkGate Malware Operations Increases as Creator Rents Malware to Affiliates *

New Android MMRat Malware Steals Data via the Protobuf Protocol *

University of Michigan Has Shut Down its Network Following a Cyberattack *

Spain's Police Warn About LockBit Locker Ransomware Phishing Attacks Against Architectural Firms *

Mom's Meals Disclosed a Data Breach That Affected More than 1200000 Individuals *

KMSDBot Malware Gets an Upgrade with Enhanced Capabilities to Attack IoT Devices *

JPCERT Uncovers Innovative 'MalDoc in PDF' Attack Technique *

Experts Discovered a Microsoft Entra ID Exploit That Grants Attackers Elevated Privileges *

Metropolitan Police Force's Data Exposed After Its Contractor's IT System Gets Breached *

Ohio History Connection Suffers a Ransomware Attack Affecting Thousands of People *

Leaseweb, World's Top Cloud and Hosting Provider, is Restoring 'Critical' Services Following a Security Incident *

Flax Typhoon Hackers Employ Advanced Tactics, Leveraging LOLBins for Stealthy Operations, Microsoft Reports *

Major Data Breach at Kroll Exposes Confidential Information of FTX, BlockFi, and Genesis Creditors *

The Telegram Bot "Telekopye" is Powering Large-Scale Russian Phishing Scams *

NVIDIA Graphics Driver Vulnerability Could Lead to Memory Corruption *

Smoke Loader Dropped New Whiffy Recon Spyware Utilises WiFi to Pinpoint Location *

Jupiter X Core WordPress Plugin Flaws Enable Hackers to Take Over Websites *

Pole emploi, France's National Employment Authority Suffers Data Breach Affecting 10 Million People *

Hackers Breach Internet Organization Using Public ManageEngine Exploit *

Danish Hosting Firms, CloudNordic and AzeroCloud, Lost all Customer Data After a Ransomware Attack *

Scarab Ransomware Spreads Worldwide with the Help of Spacecolon Toolset *

Cybercriminals Exploit WinRAR Zero-Day Vulnerability to Hack Trading Accounts *

Over 3000 Unpatched Openfire Servers Found Vulnerable to Hackers Exploit *

EVLF, a Syrian Threat Actor, Found to be Creator of CypherRAT and CraxsRAT Malware. *

Roblox Game Developers Targeted by Dozens of Malicious npm Packages *

Hacking Forum Selling Scraped Data of 2.6 Million Duolingo Users *

XLoader macOS Malware Takes on New Identity as 'OfficeNote' Productivity Application *

University of Minnesota is Investigating Potential Security Breach Incident *

Carderbee Hacking Group Utilises PlugX Malware to Target Asian Organisations in Supply Chain Attack *

Energy One Launches Investigation into Recent Cyberattack *

Cisco VPN Products are Targeted by Akira Ransomware to Breach Organizations *

Vulnerabilities in TP-Link Smart Bulbs Could Expose WiFi Passwords to Hackers *

HiatusRAT Malware Resurfaces, Attacking Taiwanese Firms and US Military Personnel *

CISA Adds Adobe ColdFusion Flaw to Known Exploited Vulnerability Catalog *

BlackCat Ransomware Group Targets Japanese Watchmaker Seiko in Cyberattack *

New Vulnerability in Ivanti Sentry is Exploited in the Wild *

Tesla Reports Over 75,000 Individuals Affected by Large-Scale Data Breach in May 2023 *

Numerous Android Malware Applications Employing Sneaky APK Compression to Bypass Detection *

Cuba Ransomware Exploits Veeam Vulnerability to Target Vital U.S. Entities *

Juniper Networks Warning Regarding New Juniper Junos OS Flaws That Expose Devices to Remote Attacks *

Ransomware variant BlackCat adopts advanced Impacket and RemCom tools *

New Google Chrome Feature Notifies Users Regarding Automatic Removal of Harmful Extensions *

Microsoft's DNS Misconfiguration Causes Hotmail Email Delivery Failures *

Security Vulnerability in WinRAR Allows Hackers to Execute Programs via Opening RAR Archives *

Apple iOS 16 Vulnerability Facilitates Covert Cellular Connectivity While Simulating Airplane Mode *

Global Wave of Phishing Attacks Targets Zimbra Email Server Accounts *

Bronze Starlight Group is Using Cobalt Strike Beacons to Target Asian Gambling Industry *

Zulip Chat App Employed by Russian Hackers for Stealthy Diplomatic Phishing Operations and Covert C&C Operation *

LABRAT Campaign Takes Advantage of GitLab Vulnerability for Cryptomining and Proxy Hijacking Operations *

CISA Issues Alert on Exploitation of Critical Citrix ShareFile Flaw in the Wild *

Stealthy Malware Infections Build 400,000 Proxy Botnets *

Critical Vulnerability Exploited to Hack Nearly 2,000 Citrix NetScaler Instances *

Google Chrome 116 Release Patches a Total of 26 Vulnerabilities *

QR Code Phishing Attack Employed to Target Multiple U.S. Organizations *

PowerShell Gallery Weaknesses Expose Users to Supply Chain Attacks *

Cybercriminals Exploit Cloudflare R2 for Hosting Phishing Pages *

Threat Actors Hijacking LinkedIn Accounts in a Widespread Campaign *

Norfolk and Suffolk Police Unintentionally Disclose Personal Data of 1,230 Individuals *

Numerous Vulnerabilities Detected in 'ScrutisWeb Software' Pose a Remote Hacking Risk to ATMs *

Android Banking Malware Gigabud RAT Targets Institutions of Various Countries *

New Remote Access Trojan QwixxRAT Distributed via Telegram and Discord Platform *

VMware ESXi Servers are Targeted by the Monti Ransomware with its New Linux Locker *

Data Center Vulnerability Exposed by Multiple Issues in CyberPower and Dataprobe Products *

The Info-Stealing Malware Exposed over 100K Hacking Forum Accounts *

Discord.io Confirmed a Breach of Its User Database After a Hacker Stole Data From 760K Users *

New Spam Campaign Distributes Knight Ransomware as Disguised TripAdvisor Complaints *

Ernst & Young's (EY) MoveIt Breach Exposes Bank of America Customers Data *

Indian Government's Parivahan Website Suffered Data Breach Exposing Source Code and 10K User Sensitive Data *

A New Set of CODESYS SDK Flaws Exposes OT Environments to Remote Attacks *

In Early 2022, a Critical Vulnerability in Magento Shopping Carts was Discovered and Exploited *

Researchers Uncover APT31's Sophisticated Backdoors and Data Exfiltration Methods *

SystemBC Malware Evolves to Target Power Company in Southern Africa *

Cyber Espionage Group 'MoustachedBouncer' Utilizes Adversary-in-the-Middle (AiTM) Attacks for Diplomatic Espionage *

Critical Flaw in Dell Compellent Integration Tools Exposes VMware vCenter Admin Credentials *

CISA Links Barracuda ESG Attacks to New Whirlpool Backdoor *

New Statc Stealer Malware Targeting the Microsoft Windows to Steal Sensitive Personal and Payment Information *

Gafgyt Malware Exploits Half-Decade Old Vulnerability in End-of-Life Zyxel Router *

CISA Adds Actively Exploited Microsoft .NET and Visual Studio Vulnerability to KEV Catalog *

Cybercriminals Abusing Open-Source Merlin Post-Exploitation Toolkit to Breach Entities *

Microsoft Office Update Disrupts Actively Exploited RCE Attack Chain *

Missouri Issues Alert Regarding Stolen Health Information Due to IBM MOVEit Data Breach *

Massive EvilProxy Phishing Campaign Targets the 120,000 Microsoft 365 Users *

New Rhysida Ransomware is Targeting Healthcare Organizations *

Code Flaw in Microsoft Visual Studio Lets Extensions to Collect Credentials *

Downfall Attack Exploit Targets Intel Processors, Extracting Encryption Keys and Sensitive Data *

AMD Zen CPUs Leak Sensitive Data Due to a New Inception Attack *

Latest Variant of Yashma Ransomware Targets Several English-Speaking Nations *

8 Years of Voter Data Exposed in UK Electoral Commission Data Breach *

Microsoft Patch Tuesday Security Advisory - August 2023 *

QakBot Malware Group Increases Command and Control Network with Additional 15 New Servers *

Vulnerable Redis Servers are Targeted by a New SkidMap Linux Malware Variant *

Cyber Attack Hits Prospect Medical Holdings' Healthcare Facilities Affecting Five Cities *

New Malware Campaign Uses OpenBullet Configurations to Target Rookie Cyber Criminals *

ScarCruft Breach 'NPO Mashinostroyeniya,' a Russian and Indian Defence Manufacturing Company *

Colorado Department of Higher Education Suffers Data Breach *

Researchers Identified Weaknesses in Tesla's Infotainment System that Unlock Paid Features and Exposes Secrets *

Threat Actors Using Reptile Rootkit Malware Targeting South Korean Systems *

Cybercriminals Target IT Pros with Fake VMware vConnector Packages on PyPI *

A New PaperCut Critical Bug Allows for Remote Code Execution Attacks on Unpatched Servers *

Malicious NPM Packages Were Found to Exfiltrate Sensitive Data From Developers *

Mozilla Firefox 116 Fixes Multiple High-Severity Vulnerabilities *

Rilide Malware Incorporates Chrome Extension Manifest V3 Adaptation For Data Theft *

Massive Cyber Attack Targets Hundreds of Citrix NetScaler ADC and Gateway Servers *

New Microsoft Azure AD CTS Feature Exploited to Move Laterally in Network *

Malicious Apps Avoid Google Play Store Scanners by Using Sneaky Versioning Techniques *

Google Chrome 115 Updates Include Patch for Critical V8 Vulnerabilities *

Slack Messaging Platform Experiences Outage Affecting Its Users *

Salesforce's Email Services Critical Zero-Day Exploited Using Facebook Phishing Campaign *

New Collide Power Widespread Side-Channel Attack Exploits Vulnerability in All CPUs *

Researchers Uncover Authentication Bypass Flaw in Ivanti EPMM Versions *

Researchers Discover AWS SSM Agent Abused as a Stealthy Remote Access Trojan *

Russian Hackers are Using Microsoft Teams Phishing Attacks to Target Government Organizations *

Space Pirates Target Multiple Organizations in Russia and Serbia by Using Deed RAT Malware *

Hundreds of European Bank Customers Targeted by SpyNote Android Trojan *

China's APT31 Allegedly Targeting Air-Gapped Systems in Eastern Europe *

NodeStealer's Latest Variant Targets Facebook Business Accounts and Crypto Wallets *

Threat Actors Targeting Italian Organizations with WikiLoader Malware *

Patchwork Hackers Targeting Chinese Research Organizations with EyeShell Backdoor *

Hackers Exploiting 'BleedingPipe' Vulnerability to Target Minecraft Servers and Players *

P2PInfect Malware Botnet Breach Redis Servers Using Replication Feature *

Hackers Stealing Signal and WhatsApp User Data via Fake Android Chat App *

AVRecon Botnet Providing Illegal Proxy Service Using Compromised Routers *

'Maximus' US Government Contractor Data Breach Affects 8 Million People *

Cyber Criminals Hack Israel's Largest Oil Refinery Operator 'BAZAN Group' *

Critical Security Vulnerability Found in Metabase BI Software *

Ivanti Fixes a Zero-Day Flaw in its Endpoint Manager Mobile (EPMM) Software *

Hackers Employ SUBMARINE Backdoor in Barracuda Email Security Gateway Hack *

Abyss Locker Ransomware Encrypts VMware ESXi Servers *

Hackers Exploit Windows Search Feature to Distribute Remote Access Trojans *

New Android Malware Steals Crypto Credentials Using uses OCR *

STARKMULE Employs U.S. Military-themed Document Lures to Target Koreans *

BlueBravo Targets European Diplomatic Entities Using GraphicalProton Backdoor *

IDOR Web App Flaws Enables Unauthorized Access *

Hawai'i Community College Suffers Data Breach *

Fenix Cybercrime Group Targets Taxpayers from Mexico and Chile *

Decoy Dog Malware Poses Grave Risk to Enterprise Networks *

Hackers Actively Exploiting Vulnerable Apache Tomcat Servers *

WordPress Ninja Forms Plugin Flaws Expose Websites to Data Leak *

Zimbra Addresses Zero-Day Vulnerability Exploited in XSS Attacks *

Over 900k MikroTik Devices Affected by Code Execution Vulnerability *

Researcher Discovers New AI Tool Dubbed 'FraudGPT' Used in Sophisticated Cyber Attacks *

Ubuntu Linux Vulnerabilities Affect 40 Percent of Ubuntu Users *

ALPHV Ransomware Integrates Data Leak API for Enhanced Extortion Approach *

NATO's Communities of Interest (COI) Cooperation Portal Suffers Data Breach *

Nitrogen Malware Exploits Google Ads to Deliver Ransomware Attacks *

JumpCloud Cyberattack Exposes North Korean Nation-state Actors IP Address *

Casbaneiro Banking Malware Adopts UAC Bypass Technique for Stealthy Attacks *

400,000 Corporate Credentials Stolen by Info-stealing Malware Families *

Realst macOS and Infostealer Malware Targeting Cryptocurrency Wallets *

VMware Fixes Critical Bug Exposing Cloud Foundry API Admin Credentials in Audit Logs *

Indian Railway Catering and Tourism Corporation (IRCTC) Suffers Massive Outage *

Zenbleed Attack Exposes Sensitive Data in AMD Zen2 Processors *

Norwegian Government's ICT Platform Hacked Via Zero-Day Vulnerability *

Ivanti Addresses A Zero-Day Flaw in its MobileIron Platform *

OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection *

Atera Windows Installers Vulnerable to High-Risk Privilege Escalation Attacks *

Open-Source Software Supply Chain Attacks Target Banking Sector *

Microsoft Azure AD Token Forging Technique Goes Beyond Outlook And Wiz Reports *

Clop Ransomware Gang Employing Clearweb Sites to Expose Data Stolen in MOVEit Attacks *

Coastal Mississippi County Hacked in a Ransomware Attack *

Threat Actors Distribute HotRat Malware Via Pirated Softwares *

DDoS Botnets are Exploiting Critical Vulnerability in Zyxel Devices *

BundleBot Malware Distributed Via Masqueraded Google AI Chatbot and Utilities *

Lazarus Group's Campaign Targets Crypto, Gambling and Cyber Sector Developers *

Mallox Ransomware Exploits Vulnerable MS-SQL Servers to Breach Networks *

New Peer-to-Peer Malware 'P2PInfect' Targets Redis Servers Running Windows and Linux Systems *

Critical Vulnerabilities Found in Apache OpenMeetings Web Conferencing Tool *

JumpCloud Breach Attributed to North Korean APT Lazarus Group *

Critical AMI MegaRAC Flaws Enable Hackers to Crash Vulnerable Servers *

Chinese APT41 Using New WyrmSpy and DragonEgg Spyware to Target Mobile Devices *

Two Ransomware Groups Target Beauty Giant 'Estée Lauder' *

Hackers Target Pakistani Organizations with ShadowPad Malware *

Threat Actors Transform Microsoft Exchange Servers as Malicious C2 Servers *

Adobe Releases Patches for Actively Exploited ColdFusion Flaws *

Citrix Patches Zero-Day Vulnerabilities in its ADC and Gateway Products *

FIN8 Utilizes Upgraded Sardonic Malware Variant to Deploy BlackCat Ransomware *

VirusTotal Data Breach Exposes Personal Details of Registered Customers *

Microsoft Exchange Online Service Suffers New Outage Blocking Emails *

SophosEncrypt Ransomware: Impersonating the Popular Sophos Brand *

Supply Chain Attack Enabled by Critical Privilege Escalation Design Flaw in Google Cloud Build *

Hackers Exploit WebAPK to Trick Android Users into Installing Malicious Apps *

Hackers Exploiting WordPress WooCommerce Payments Flaw in Massive Campaign *

Threat Actors Exploit Microsoft Word Vulnerabilities to Distribute LokiBot Malware *

Threat Actors Utilising Malicious USB Drives to Distribute SOGU and SNOWYDRIVE Malware *

Companies Attempt to Bolster their Cyber Defenses as Ransomware Threatens Data Security *

Researches Uncover Critical Security Vulnerabilities in Honeywell Experion DCS and QuickBlox Services *

Hackers Exploit Lemmy Instances Via Zero-Day Vulnerability *

AIOS WordPress Plugin Found Storing User Passwords in Plaintext Format *

Hackers Use New Generative AI Cybercrime tool WormGPT to Launch Attacks *

Gamaredon Hacking Group Distribute Malware via Instant Messaging Apps *

Microsoft Security Flaw Enables Hackers to Breach 24+ Organizations Using Fake Azure AD Tokens *

Data Breach at Colorado State University Impacts Students and Staff Personal Data *

AVrecon Malware Exploits 70,000 Linux Routers to Establish Massive Botnet *

Ukraine and Poland's Military and Government Entities Targeted Using PicassoLoader Malware *

Zimbra Urges Administrators to Manually Fix Exploited Zero-Day Attacks *

CISA Warns About Rockwell Automation ControlLogix Vulnerabilities Used in Industrial Systems *

BlackLotus Windows UEFI Bootkit's Source Code Leaked on GitHub *

Researchers Found Fake POC on GitHub Distributing Data Stealing Malware *

Unauthenticated REST API Access Compromises Cisco SD-WAN vManage *

Fortinet Patches Critical Stack-based Overflow Flaw in FortiOS and FortiProxy Devices *

Researchers Publish Proof of Concept for Ghostscript's Critical RCE Vulnerability *

Russian State Hackers Use BMW Car Ads to Lure Western Diplomats *

New PyLoose Malware Hijacks Computational Power For Cryptocurrency Mining *

Microsoft Discloses a Breach of US Government Exchange Email Accounts by Chinese Hackers *

SonicWall Alerts Customers to Critical Flaws in its GMS and Analytics Suites *

Hackers Abuse Loophole in Windows Policy to Load Malicious Kernel Drivers *

Microsoft Office Zero-Day Vulnerability Exploited in Attack Against NATO Summit *

Apple Releases Critical iOS Update to Fix Zero-Day Vulnerability in WebKit *

Deutsche Bank Confirms Data Breach: Customer Data Exposed through Provider Breach *

HCA Healthcare Acknowledges Data Breach as Hacker Steals Data of 11 Million Patients *

Microsoft Patch Tuesday Security Advisory - July 2023 *

Hackers Actively Targeting Latin American Businesses Using TOITOIN Banking Trojan *

RomCom Threat Actors Target NATO Summit Attendees in Phishing Campaign *

VMware Issues a Warning Regarding the Availability of Critical vRealize RCE Flaw Exploit Code *

Apple Issues an Emergency Update Regarding Recent Attacks Using Zero-Day Exploitation *

Hackers Exploit Revolut's Payment Systems, Stealing $20 Million *

BlackByte 2.0 Ransomware Executes Infiltration, Encryption, and Extortion Within 5 Days *

Nickelodeon Launches Investigation Following Leak of "Decades Old" Data *

Charming Kitten APT Group Enhances Targeting of macOS Systems with 'NokNok' Malware *

Hackers Targets the Cloud-Native Environments of JupyterLab and Docker APIs in Silentbob Campaign *

The Latest Version of the 'Big Head' Ransomware Unveils a Bogus Windows Update Alert *

A Critical Unauthenticated SQLi Flaw Patched in MOVEit Transfer Software *

Mastodon Social Network Fixes Critical Flaws that Allow Server Takeover *

Barracuda Addresses Ongoing Email Gateway Login Challenges *

CISA Urges Govt Agencies to Patch Actively Exploited Android Driver *

Threat Actors Employ Vishing Technique to Deploy New 'Letscall' Malware *

CISA Raises Concerns of Netwrix Auditor RCE Bug Exploitation in Truebot Malware Attacks *

Two Malicious File Management Apps on Google Play Steals User Data *

Cisco Issues a Warning About a Flaw That Enables Attackers to Crack Traffic Encryption *

New Linux Kernel Vulnerability 'StackRot' Exploit Enables Privilege Escalation *

Microsoft Resolves Windows LSA Protection Warnings Bug *

Android Security Patch For July Resolves Three Actively Exploited Vulnerabilities *

New Stealer-as-a-Ransomware 'RedEnergy' Targets Energy and Telecom Sectors *

TeamsPhisher Tool Exploits Microsoft Teams Bug, Enabling Malware Delivery to Users *

Actively Exploited Flaw in SolarView Series Exposes Energy Organizations to Attacks *

Japan’s Largest Port 'Port of Nagoya' Operations Disrupted *

Mozilla Addresses 13 Vulnerabilities in the Firefox 115 Release *

Ransomware Encryption Impacts Over Two-thirds of Manufacturing Companies *

DDoSia Attack Tool Upgrades and Expands Targeting Across Multiple Businesses *

New GuLoader Campaign Targets Law Firms in the United States *

Threat Actor 'Neo_Net' Employs Android Malware to Target Global Financial Institutions *

Microsoft Denies Anonymouns Sudan’s Data Breach Claim of 30 Million Customer Accounts *

Researchers Warn that 300,000 Fortinet Firewall Appliances are Vulnerable to Attacks. *

Sophisticated Threat Meduza Stealer Targeting 19 Password Managers and 76 Crypto Wallets *

Hackers Target European Government Entities in SmugX Campaign *

BianLian Ransomware Gang Targets Leading Global Business Conglomerate 'Piramal Group' *

Hackers Exploiting WordPress's Ultimate Member Plugin Flaw in the Wild *

Samsung Phone Vulnerabilities Listed in CISA's 'Must Patch' Catalog Likely Exploited by Spyware Vendor *

BlackCat Ransomware Group Exploits WinSCP Search Ads to Distribute Cobalt Strike *

Researchers Discovered an Upgraded Version of RustBucket Malware Targeting macOS Users *

Charming Kitten, An Iranian Hacking Group Uses Updated POWERSTAR Backdoor in Espionage Attacks *

TMSC's Hardware Supplier Kinmax Technology Suffers Ransomware Attack by LockBit Ransomware Gang *

Hackers Target Vulnerable SSH Servers To Perform Proxyjacking *

North Korean Hacker Group 'Andariel' Strikes with its New EarlyRat Malware *

MuddyWater Employs a New C2 Framework Called PhonyC2 *

The Android Spy App LetMeSpy Suffers a Major Data Breach *

New Windows-Based Info Stealer Malware 'ThirdEye' Steals Sensitive Information *

Flutter-Based Fluhorse Android Malware Employed to Steal Credit Cards Details and 2FA Codes *

Critical Flaws in Social Login Plugin and LearnDash LMS Plugin for WordPress Fixed by Vendors *

SQL Injection Vulnerabilities Found in Gentoo Soko Leading To Remote Code Execution *

ArcServe Patches a High-Severity Security Vulnerability In Its UDP Backup Software *

8Base Ransomware Gang Engages in Double Extortion Attacks *

Akira Ransomware's Linux Version Encryptor Targets VMware ESXi Servers *

Google Chrome Releases New Update to Patch High-Severity Vulnerabilities *

Siemens Energy and Schneider Electric Confirms Data Breach in MOVEit Data-theft Attack *

Threat Actors Using New Unique Execution Chain to Target NPM Repository *

Outlook Web Suffers Outage Impacting Users Across America *

Mockingjay Process Injection Method Allows Malware To Evade Detection *

Suncor Energy Suffers Cyber Attack Impacting Petro-Canada Gas Station Customers *

Hackers Expose Data of 45,000 New York City Students in MOVEit Breach *

Researchers Uncover New Cybercrime Group 'Muddled Libra' Using Social Engineering to Target BPO Sector *

Japanese Cryptocurrency Exchange Hit by macOS Backdoor 'JokerSpy *

New Malware Campaign Uses Android Banking Trojan 'Anatsa' to Target Banking Customers *

Angry LastPass Users Locked Out as MFA Resets Cause Frustration *

Super Mario Game Compromised to Distribute Windows Malware *

American And Southwest Airlines Suffered a Data Breach Exposing Pilot's Credentials *

Grafana Released Patches For Critical Auth Bypass Due to Azure AD Integration *

New Strain of JavaScript PindOS Delivers Bumblebee and IcedID Malwares *

Data Breach in MOVEit Transfer Impacts Genworth Financial and CalPERS, Exposing Data of 3.2 Million Individuals *

Fortinet Resolves Critical Remote Command Execution Flaw in FortiNAC Devices *

Newly Discovered Bug in Microsoft Teams Allows Malware Distribution by External Accounts *

Phishing Campaign MULTISTORM Exploits India and U.S. with Remote Access Trojans *

CISA Updates Known Exploited Vulnerabilities Catalog with Six Additional Security Flaws *

New Cryptojacking Campaign Targets IOT and Linux Device using Trojanized OpenSSH Version *

Mirai Botnet Exploiting Multiple Vulnerabilities in D-Link, Zyxel, and Netgear Devices *

VMware Addresses Critical Vulnerabilities in vCenter Server Allowing Code Execution and Authentication Bypass *

Zyxel Fixes a Critical Command Injection Vulnerability in its Network Attached Storage(NAS) Devices *

Apple Fixes Three Zero-Day Exploits Used in Triangulation Spyware Attack *

North Korean Hacking Group 'APT37' Employing FadeStealer Malware to Conduct Cyber Espionage *

Microsoft Releases Workaround for Outlook Freezes and Slow Starts *

iOttie Discloses Data Breach Post its Official Site Hack *

Condi Malware Targets TP-Link Archer AX21 Wi-Fi Router with DDoS-as-a-Service Exploit *

Tsunami Botnet Malware Infects Linux SSH Servers *

Microsoft Resolves Critical Azure AD Authentication Flaw Allowing Complete Application Takeover *

Info-Stealing Malware Compromises Over 100,000 ChatGPT Accounts *

RDStealer Malware: Uncovering a Remote Desktop Exploitation for Data Theft from Shared Drives *

Hackers Using Fake OnlyFans Content to Distribute 'DcRAT' Malware *

ASUS Patches Critical Vulnerabilities in its Multiple Routers Models *

Iowa's Des Moines Public Schools Confirms a Ransomware Attack *

Malwarebytes Issued a Fix for the Chrome Display Issue Caused by the Windows 11 KB5027231 Update *

Researchers Uncover Advanced Toolkit Specifically Targeting Apple macOS Systems *

Massive Data Breach at India's Largest Tech Retailer Exposes Sensitive Employee and Customer Data *

BlackCat Ransomware Gang Threatens to Leak Data Stolen During Reddit's System Hack *

Microsoft States DDoS Attacks as the Root Cause of the Recent Azure and Outlook Outages *

Russian Hackers Employ USB-Spreading Malware to Target Ukrainian Government and Military Officials *

Hackers Promote New Mystic Stealer Via Malware as a Service *

Researchers Uncover Location Tracking Attack Exploiting SMS Delivery Reports *

Emerging Threat Actor Diicot Exploits Diicot Brute, a Go-based SSH Brute-Forcer, to Compromise Linux Systems *

Chinese Cyberespionage Group 'UNC4841' Behind Barracuda Zero-day Attacks *

Rhysida Ransomware Group Leaks Stolen Documents from Chilean Army *

Clop Ransomware Group Initiates Extortion of MOVEit Data-Theft Victims *

Abuse of Cloud Mining: Hackers and Threat Actors Exploit Services to Launder Cryptocurrency *

GravityRAT Malware Targets WhatsApp Backups on Android Devices *

Google Chrome's 114 Update Includes Patch for Critical Vulnerability *

Chinese Hackers Exploit DNS-over-HTTPS Protocol for Distribution of Linux Malware *

Ofcom, UK Media and Telecoms Regulator, Falls Victim to MOVEit Hack *

Critical Security Flaws Uncovered in Microsoft Azure Bastion and Azure Container Registry *

Malicious GitHub Repositories Disguised as Fake Security Researchers Distribute Zero-Day Malware *

New ChromeLoader Campaign Detected Spreading 'Shampoo' Malware through Counterfeit Warez Websites *

Microsoft Addresses Windows Kernel Vulnerability with Default Disabled Fix *

Widespread Brand Impersonation Campaign Utilizes 6,000 Websites to Fake 100 Brands *

Critical Vulnerability in WordPress Stripe Payment Plugin Exposes Customer Order Details *

New DoubleFinger Loader Targets Cryptocurrency Wallets in Cyber Attacks *

VMware Releases Patch for Zero-Day Vulnerability Exploited to Install Backdoors in Virtual Machines *

Microsoft Patch Tuesday Security Advisory - June 2023 *

Pirated Windows 10 ISOs Utilize EFI Partitions to Install Clipper Malware *

Swiss Government Suffers DDoS Attacks Post Data Leak *

'Have I Been Pwned' Discloses Zacks Investment Research's Data Breach *

Threat Actors Harness Powerful BatCloak Engine for Fully Undetectable Malware *

Researchers Uncover Security Flaws in Honda's 'PETE' e-Commerce Platform *

A Major Data Breach Exposed Personal Information of Users Via Govt’s CoWIN Portal *

Researchers Uncover a Flaw in Popular Strava App's Heatmap Feature Exposing Home Address *

University of Manchester Suffers a Cyberattack, Resulting in a Likely Data Theft *

Russian Telecom Company 'Infotel' JSC Suffers an Outage *

Critical Vulnerability in Microsoft Visual Studio Exploited to Distribute Malicious Extensions *

Fortinet Patches Critical RCE Flaw in Fortigate SSL-VPN Devices *

Hackers Impersonate Crypto News Journalists, Steal $3 Million in Digital Assets *

New SPECTRALVIPER Backdoor Targets Vietnamese Public Companies with Advanced Tactics *

New Stealth Soldier Backdoor Malware Targets North Africa in Espionage Attacks *

New Critical SQL Injection Flaws Discovered in MOVEit Transfer *

Microsoft Discovers AitM Phishing and BEC Attacks Targeting Major Financial Institutions *

Microsoft Azure Portal Suffers an Outage Claimed to be the Result of DDoS Attacks *

Asylum Ambuscade Group Combines Cybercrime with Espionage to Target Small and Medium Businesses *

Security Researchers Publish PoC for Actively Exploited Windows Win32k Flaw *

CLOP Ransomware Gang Actively Exploiting MOVEit Zero-day Flaw *

Japanese Pharmaceutical Company 'Eisai' Suffers Ransomware Attack *

AIIMS Suffers Another Cyberattack, Following November 2022 Cyberattack *

Cisco Patches Critical-Severity Flaws in Expressway Series and TelePresence Video Communication Server (VCS) *

Malicious Campaign Deploys Satacom Downloader for Spreading Crypto-Stealing Addons *

Cisco Resolves AnyConnect Bug Allowing Windows SYSTEM Privileges *

VMware Addresses Critical Vulnerabilities in Aria Operations for Networks *

Hackers Exploit Minecraft Mods to Distribute Fractureiser Malware on Windows and Linux *

Cyclops Threat Group Facilitates Distribution of Information Stealing Malware to Cybercriminals *

Researchers Discovered Over 60,000 Android Apps Installing Adware on Mobile Devices *

PowerDrop: New PowerShell Malware Targets the U.S. Aerospace Industry *

Outlook Faces Multiple Outages Allegedly Caused by Hacktivist Group Anonymous Sudan *

Google Releases Patch for Zero-Day Chrome Vulnerability Exploited in the Wild *

Android Security Patch Resolves Critical Vulnerabilities, Including Mali GPU Flaw *

Brazilian Cybercriminals Exploit LOLBaS and CMD Scripts to Target Online Bank Accounts *

Magecart-Style Campaign Exploits Legitimate Websites to Steal Credit Card Information *

Threat Actors Exploit Barracuda ESG Zero-Day Flaw to Distribute Backdoor *

$35 Million Worth of Cryptocurrency Stolen in Atomic Wallet Breach *

New Malware Campaign Targeting Online Sellers with Info-Stealer *

Splunk Addressed High-Severity Vulnerabilities in its Enterprise Products *

Chinese Hackers Camaro Dragon Employs New 'TinyNote' Backdoor for Intelligence Gathering *

US and South Korea Warn Kimsuky Hackers Impersonating Journalists to Gather Intelligence *

Google removed 32 Malicious Extensions from Chrome Web Store Downloaded by 75 Million Times *

North Korean Hackers, ScarCruft Uses LNK Files to Launch RokRAT Malware *

New MOVEit Transfer Zero-Day Vulnerability is Mass-Exploited in Data Theft Attacks *

New Horabot Campaign Targets Latin Americans' Gmail and Outlook Accounts *

Researchers warn Organisations about Saleforce 'Ghost Sites' Exposing Sensitive Information *

iPhones on Kaspersky Networks are Being Targeted with Unknown Malware *

Dark Pink APT Group Continues to Target Asia-Pacific Entities *

Hackers Pushing SeroXen RAT To Target Gaming Community *

Threat Actor 'Spyboy' Promotes Terminator Tool Capable of Bypassing AV, XDR, and EDR Solutions *

Researchers Uncover Proof-of-Concept for RCE Flaw Affecting Popular Python Library ReportLab Toolkit *

Researchers Warn About a Backdoor Functionality in Gigabyte Motherboards *

Google Releases Chrome 114; Addressing 18 Security Vulnerabilities *

Researchers Found DogeRAT Malware Targeting Indian Android Users *

RomCom Malware Impersonating ChatGPT, GIMP Spreaded via Google Ads *

Researchers Spotted 'SpinOk' Spyware Trojanized in 101 Android Applications *

Researchers Found Vulnerability in WordPress's 'Gravity Forms' Plugin Used in 930,000 Websites *

'Automattic' Rolls Security Patch to Address Critical Flaw in the Jetpack Plugin *

Apple Critical 'Migraine' Flaw Enables Attackers to Bypass System Integrity Protection *

MCNA Dental Suffers Ransomware Attack; Impacting 8.9 Million Patients *

Hacking Forum Exposed the Data of 478,000 RaidForums Members *

New GobRAT Malware Targeting Linux Routers in Japan *

Jimbos Protocol Suffered Flash Loan Attack Resulting in Theft of Over $7.5 Million *

BlackByte Ransomware Group Claims Responsibility for City of Augusta's Cyberattack *

Researcher Uncovers 'File Archiver in the Browser' Phishing Toolkit to Exploit ZIP Domains *

Emby Forced to Shutdown Hacked User-hosted Media Servers *

Unpatched Zyxel Firewalls Exploited by New Variant of Mirai Botnet *

New Bandit Stealer Malware Found Targeting Web Browsers and Cryptocurrency Wallets *

Researchers Discovered a Critical OAuth Vulnerability in Expo Framework *

QBot Malware Exploits DLL Hijacking Flaw in Windows WordPad EXE to Infect Devices *

Buhti Ransomware Gang Exploits Leaked Encryptors to Target Windows and Linux Systems *

Researchers Uncover Predator Android Spyware’s New Data Theft Capabilities *

Critical Vulnerability in Google Cloud's Cloud SQL Service Exposes Confidential Data *

D-Link Fixes Critical Vulnerabilities in its D-View 8.0 Network Device Management Platform *

New Russian-linked Malware 'COSMICENERGY' Targets Industrial Systems *

Threat Actors Found Using Encrypted RPMSG Messages in Microsoft 365 Phishing Attacks *

Barracuda Networks Patches Zero-Day Vulnerability in its Email Security Gateway Appliance *

Zyxel Patches Critical Flaws in its Firewall and VPN Products *

Researchers Uncover New Version of Legion Malware Targeting SSH Servers and AWS Credentials *

Lazarus Group Targets Microsoft IIS Servers to Deploy Malware *

Microsoft Exchange Servers Infected with the New PowerExchange Malware *

GitLab Issues an Emergency Update to Address a Critical Path Traversal Vulnerability *

Hackers Attack 1.5 million WordPress Sites by Leveraging a Cookie Consent Plugin Vulnerability *

Researchers Discover North Korean Kimsuky Group Leveraging Sophisticated Reconnaissance Toolkit *

Asian Government Entities Targeted by Newly Discovered APT Group, GoldenJackal *

Rheinmetall, German Arm Manufacturer, Falls Victim to BlackBasta Ransomware Attack *

Newly Discovered AhRat Malware Disguised in Screen Recording App on Google Play Store *

Newly Discovered Windows Kernel Driver Used by Iranian Hackers to Target Middle East Entities *

'Crypto Phishing Service 'Inferno Drainer' Steals $5.9 Million from Victims *

Microsoft 365 Suffers New Outage Causing Connectivity Issues *

Threat Actor 'GUI-vil' Exploiting AWS EC2 Instance for Crypto-mining Operations *

BlackCat Ransomware Group Employing Malicious Windows Kernel Drivers to Evade Detection *

Hackers Could Chain Two Flaws to Achieve Code Execution in Pimcore *

New Attack Method 'BrutePrint' Found Brute-Forcing Fingerprints on Android Devices *

Threat Actors Use Fake CapCut Websites to Distribute Malware *

Threat Actors Hide TurkoRAT Malware in npm Packages *

Infamous Cyber Group FIN7 is Back With Cl0p Ransomware *

Hackers Employ SIM Swapping to Target Microsoft Azure Machines *

Dish Network Likely Paid Ransom Following the Recent Ransomware Attack *

Luxottica Discloses a Data Breach; 70M Users Info Leaked *

A Faulty Security Update Taken Down ASUS Routers Globally *

CISA Issues a Warning on a Samsung ASLR Bypass Flaw *

Cryptojacking Group Exploits Oracle WebLogic Server for Cryptocurrency Mining *

'Lemon Group' Hacks Millions of Android Devices, Installing Guerilla *

New Vulnerability Discovered in KeePass Exposing Cleartext Master Password *

Retaliatory Cyberattack: Indian Hackers Target Pakistani Embassy Websites Following DDoS Attack on Indian State Police *

Apple Addresses Three New Zero-day Vulnerabilities with Patch Releases *

MalasLocker Ransomware Targets Zimbra Servers, Demands Charitable Donations *

Houthi-Linked Cyber Threat Group OilAlpha Targets Android Users in the Arabian Peninsula *

Unpatched Vulnerability Found in Belkin Wemo Smart Plugs by Researchers *

Malicious Visual Studio Extensions Discovered on Microsoft's VSCode Marketplace by Researchers *

Cisco Addresses Four Critical RCE Flaws in It's Smart Switches *

Chinese Hacking Group "Camaro Dragon" Exploits TP-Link Routers to Target European Organizations *

Hackers Exploit Geacon, a Cobalt Strike Port, to Target macOS Users *

Multiple Flaws Discovered in Kiddoware's Android Application 'Parental Control - Kids Place' *

Hackers Targeting Microsoft Azure Admin Account for Stealthy Access to VMs *

K D Hospital, a Multi-Specialty Healthcare Facility, Falls Victim to Ransomware Attack *

Researchers Found Vulnerabilities in Sierra Wireless, Teltonika Networks, and InHand Networks' Routers *

New APT Group, Lancefly Employs 'Merdoor' Backdoor *

PharMerica Suffers a Data Breach; Over 5.8 Million Patients Impacted *

New Ransomware-as-a-Service Operation, MichaelKors Targets Linux and VMware ESXi Systems *

Threat Actors Target Poorly Managed Microsoft SQL Servers Using CLR SqlShell Malware *

New Ransomware Operation, RA Group Targets US and South Korean Companies *

Rockwell Automation Fixed Multiple Vulnerabilities Present in its Products *

Threat Actors Found Exploiting Recently Fixed WordPress Plugin Vulnerability *

U.S. Transportation Department Suffers Data Breach; 237,000 Employees Impacted *

Greatness, New Phishing-as-a-Service Platform helps Cybercriminals to Generate Convincing Phishing Pages *

Researchers Uncovered a Vulnerability in Ferrari Website, Exposing Sensitive Information *

Researchers Found Multiple Vulnerabilities in Netgear's NightHawk Routers *

Toyota Disclosed Data Breach Exposing Car Location Data of 2 Million Customers for a Decade *

Attackers Exploiting Follina Vulnerability to Distribute XWorm Malware *

Discord Disclosed Data Breach After its Support Agent's Account got Compromised *

FBI and CISA Warns Bl00dy Ransomware Targets Education Sector via PaperCut RCE Flaw *

New APT Group Red Stinger Targeting East Europe's Critical Infrastructures *

Researchers Uncover Stealthier Version of Linux BPFDoor Malware *

ABB, a Swiss Automation Company Struck by the Black Basta Ransomware *

Ransomware Gangs Targeting VMWare ESXi Servers with Leaked Babuk Ransomware Source Code *

Researchers Found Critical Privilege Escalation Vulnerability in Elementor Plugins *

North Korean Hackers Breach South Korea's Seoul National University; KNPA Issues Warning *

Researcher Found New Variant of RapperBot Malware with Cryptojacking Capabilities *

Threat Actors Employ DownEx Malware to Target Government Organizations in Central Asia *

Threat Actors Deploying Aurora Stealer Via Popunder Ads *

Researchers Disclose Info on Zero-Click Windows Vulnerability Enabling NTLM Credential Theft *

New DDoS Botnet Malware AndoryuBot Exploits Critical Ruckus RCE Vulnerability *

SideWinder APT Group Deploys Server-Based Polymorphism Technique in Attacks on Pakistani Government Organizations *

Sysco, a Global Food Chain, Faces Data Breach Impacting Customer and Employee Information *

Critical Linux Kernel Netfilter Vulnerability Enables Root Privilege Escalation *

Microsoft Releases Optional Fix Guidelines for Secure Boot Zero-Day Vulnerability *

Adobe Releases Patch for 14 Vulnerabilities in Substance 3D Painter Software *

Microsoft Patch Tuesday Security Advisory - May 2023 *

Healthcare Solution Provider 'NextGen' Suffers Data Breach Impacting 1 Million Customers *

After MSI Breach, Intel Investigates Intel Boot Guard Private Keys Leak *

FBI Seizes 13 Domains Linked to DDoS-For-Hire Services *

Critical Vulnerability in Siemens Industrial Control Systems Could Disrupt Power Grid *

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine *

Researchers Found SideCopy Group's Phishing Campaign with Indian Military Themed Lures *

Researchers Uncover New Ransomware Operation Dubbed 'Cactus' *

New Ransomware 'Akira' Targets Enterprise Networks *

Vulnerability in OpenAI's Account Validation Process Allows Unlimited Credits *

A Security Incident Exposed Private Tweets of Twitter Circle *

Fortinet Releases Patches for High-Severity Vulnerabilities in FortiADC and FortiOS *

New PaperCut RCE Exploit Bypasses Existing Detections *

Dragon Breath APT Group Targets Gambling Industry Using Double-Clean-App Technique *

Hackers Employ New Web-Inject Toolkit DrIBAN to Target Italian Banking Clients *

Threat Actors Hack Packagist Repository; Dozen PHP Packages Compromised *

New Android FluHorse Malware Targets Users with Malicious Apps *

Updates for Android Fixes a Kernel Flaw used in Spyware Attacks *

ALPHV Gang Breaches Constellation Software in a Ransomware Attack *

Two WordPress Custom Field Plugins Exposes Over 1M Sites to XSS Attacks *

Cisco Disclosed New RCE Vulnerability in Cisco SPA112-Port Phone Adapters *

Meta Thwarts a Malware Campaign that Used ChatGPT to Steal Accounts *

ALPHV Ransomware Added McDermott International to its Victim List *

Researchers Found New Android Subscription Malware 'Fleckpe' on Google Play *

Three New Vulnerabilities Found in Microsoft Azure API Management Service *

City of Dallas Suffers Royal Ransomware Attack Resulting in Shutdown of its IT Systems *

Russian Hacking Group 'Sandworm' Utilizes WInRAR to Erase Ukrainian Government's Data *

New Info-stealing Malware 'NodeStealer' Steal Cookies to Hijack Facebook Accounts *

Dragon Breath Group Employs New Double DLL Sideloading Technique to Evade Detection *

A Data Breach at Brightline Affects 783,000 Pediatric Mental Health Patients *

Hackers Exploit Authentication Bypass Vulnerability and RCE Vulnerability in DVR Devices *

Iranian Government's BouldSpy Android Spyware Found Targeting Minority Groups *

Researchers Uncover Three New Flaws in FRRouting Software *

Cryptocurrency Exchange Platform Level Finance Hacked, Resulting in Loss of 214k LVL Tokens *

CISA Added TP-Link, Apache, and Oracle Vulnerabilities to its Known Exploited Vulnerabilities Catalog *

Servers Running Salesforce Software Are Leaking Sensitive Data *

Researchers Found Threat Actors Distributing New LOBSHOT Malware via Google Ads *

Vietnamese Threat Actor Employs Malverposting Tactics to Infect 500,000 Devices *

Hackers Target AT&T Email Accounts to Steal Cryptocurrency *

Russian Hackers Target Ukrainian Government with Phishing Emails *

Sharpboys Breach Israeli Prime Minister Benjamin Netanyahu's Facebook Account *

Americold, A Leading Cold Storage Company Suffered Outage Followed by Network Breach *

Hackers Found Targeting Vulnerable Veeam Backup Servers Exposed on the Internet *

Zyxel Addresses Critical Vulnerabilities in its Firewall Devices *

Hackers Use Realistic Checkout Forms to Steal Credit Cards *

CISA Issued a Warning about Critical Vulnerabilities in Illumina's DNA Sequencing Systems *

Researchers Found New Variant of ViperSoftX Info-Stealing Malware with Broader Range of Targets *

New macOS Info-stealing Malware 'Atomic' is being Sold Via Private Telegram Channel *

Multiple Malicious Gaming Apps Found Distributing Adware on Google Play *

Russian Hacking Group Found Operating New Politically Motivated Surveillance Campaign Paperbug in Tajikistan *

Researchers Found RTM Ransomware Group Using New Linux Encryptor to Target VMware ESXi Servers *

Researchers Found Chinese Hacking Group Gallium Using New Linux Malware Strains in Cyberespionage *

PrestaShop Releases New Version to Fix a Critical SQL Filtering Vulnerability *

Apache Superset Servers are Vulnerable to Authentication Bypass and RCE Attacks *

Cisco Discloses New Zero-Day Vulnerability in its Prime Collaboration Deployment (PCD) Software *

Evasive Panda Hacking Group Targets Tencent QQ Messaging App with MgBot Malware *

Researchers Found New Version of Mirai Botnet Malware Exploiting a Vulnerability in TP-Link WiFi Routers *

VMware Released Patches for Critical Vulnerabilities Discovered in its Workstation and Fusion Software Hypervisors *

New Critical SLP Vulnerability Allows Massive 2200X DDoS Amplification Attack *

Iranian Hackers Targeting Israel with a PowerLess Backdoor Via Phishing Attacks *

APC Addresses Critical Vulnerabilities in its Easy UPS Online Monitoring Software *

Canadian Directory Publisher Yellow Pages Suffers a Cyberattack Resulting in Data Leak *

Researchers Found New Side Channel Attack Affecting Multiple Generations of Intel CPUs *

Attackers Hacked KuCoin’s Twitter Account to Promote Crypto Scam *

Microsoft 365 Search Outage Impacts Outlook, Teams, and Exchange Online *

Hackers can Abuse Improperly Wiped Corporate-grade Routers to Gain Sensitive Data *

CISA Adds Three More Security Flaws to its Known Exploited Vulnerabilities Catalog *

Researchers Found a New Malware Toolkit Dubbed Decoy Dog via Anomalous DNS Traffic *

In Both Europe and the US, EvilExtractor Seen an Uptick in Malware Activity *

Alongside 3CX Breach, Lazarus X_TRADER Hack Affects Critical Infrastructure *

Google Ads Support Ransomware Gangs to Employ the BumbleBee Malware *

MediaWiki and TWiki-based University Websites Compromised to Spread Fortnite Spam *

GhostToken Flaw Enable Attackers to Hide Malicious Apps in Google Cloud Platform *

American Bar Association Suffers Data Breach, Affecting 1.4 Million Members *

Kubernetes RBAC Exploited in a Large-scale Cryptocurrency Mining Campaign *

African Telecommunication Service Providers are Targeted by Daggerfly Threat Group *

Attackers Abuses Abandoned 'Eval PHP' WordPress Plugin to Compromise Websites *

Lazarus Threat Group Found Using Linux Malware in Fake Job Campaigns *

Two Critical Vulnerabilities Found In Alibaba Cloud's ApsaraDB RDS and AnlayticDB for PostgreSQL *

VMware Addresses Critical Arbitrary Code Vulnerability in its Aria Operations for Logs *

Threat Actors Using AuKill Hacking Tool to Disable EDR Software on Targeted Systems *

PaperCut Warns of Critical Vulnerabilities that are Actively Exploited in the Wild *

Blind Eagle Threat Group's New Multi-Stage Attack Pushes NjRAT Trojan on Compromised Systems *

Researchers Found Attackers Deploying Trigona Ransomware on Unsecured Microsoft SQL Servers *

Pakistani Hackers Transparent Tribe Target Indian Government Agencies Using Linux Malware Poseidon *

Google Addressed Another Zero-Day Vulnerability in Chrome Browser *

Vice Society Ransomware Gang Leaks Data Stolen from US Network Infrastructure Giant CommScope *

Iranian Hackers Leveraging Legitimate Simplehelp Remote Support Software to Carry Out Persistent Attacks *

CISA, FBI Alerts on Russian State-Sponsored APT28 Threat Group Targeting Cisco Routers *

Iranian Hacking Group 'Mint Sandstorm' Targets US Critical Infrastructure in Retaliation to Iranian Attacks *

CISA Adds macOS and Chrome Bugs to its Known Exploited Vulnerabilities Catalog *

A Security Researcher Published New Sandbox Escape PoC Exploit for VM2 Library *

Ex-Conti Members Collaborate with FIN7 Hacking Group to Push New Domino Malware *

QBot Malware is Now Distributed Using Malicious PDFs and Windows Script Files *

New Credential-Stealer Zaraza Bot Targets 38 Different Web Browsers, Including Google Chrome *

Hackers Abused Google Command and Control Red Team Tool in Data Theft Attacks *

New Android Malware Chameleon Targets Users in Australia and Poland *

Researchers Found New LockBit Encryptors Targeting macOS Devices *

The Indian Cybercrime Coordination Center Issued an Alert on 'Hacktivist Indonesia' Group Targeting Govt Websites *

Researchers Found Hackers Using Action1 RMM in Ransomware Attacks *

NCR’s Aloha POS Platform Suffers an Outage as a Result of BlackCat Ransomware *

Attackers are Spreading Android Goldoson Malware Via 60 Google Play Apps *

Kodi Suffered a Data Breach Exposing 400K User Records *

Researchers Found Vice Society Ransomware Using New PowerShell-Based Data Theft Tool in Attacks *

CISA Adds Two Actively Exploited Vulnerabilities in Android and Novi Survey to its KEV Catalog *

Google Chrome Releases Emergency Update to Fix a Zero-Day Vulnerability *

Russian State Sponsored APT29 Group Targeting NATO and European Union Countries *

Researchers Uncover 'Read The Manual' Locker Cyber-criminals *

Researchers Found New Legion Tool with Credential Harvester and SMTP Hijacking Capabilities *

Microsoft Warns of a Phishing Campaign Targeting Tax Preparers and Accounting Firms *

Pakistani Hackers 'Transparent Tribe' Targeting Educational Institutions of India *

Security Researchers Warn to Patch Critical MSMQ Vulnerability in Windows *

Hyundai Suffers Data Breach Exposing Customers’ Personal Data *

Kyocera Addressed a Vulnerability in its Android Printing App that can be Abused to Install Malware *

Fortinet Patches Critical Vulnerability in its FortiPresence *

Microsoft Patch Tuesday Security Advisory - April 2023 *

A New 'By-Design' Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers *

Infected Websites Distributing Monero Malware via Fake Google Chrome Update Errors *

Attackers Hacked iPhones via Invisible Calendar Invites to Drop Spyware *

Microsoft Patched Actively Exploiting Zero-day Vulnerability in Windows CLFS *

SAP Addresses Two Critical-Severity Vulnerabilities in its April 2023 Security Updates *

European HR and Payroll Management Company SD Worx Suffers a Cyberattack *

NPM Repository Flooded with Malicious Packages Causing DoS Attack and Service Unavailability *

Apple Patches Two Zero-day Vulnerabilities on Older iPhones and iPads *

Researchers Found New Cryptojacking Campaign Targeting Linux Machines *

Scammers Using Authentic YouTube Email Address to Lure Users into Providing Credentials *

Iran-based Hackers Carrying Out Destructive Attacks in Disguise as of Ransomware *

Researchers Disclose Critical RCE Flaw in vm2 Sandbox Library *

CISA Urges Agencies to Address Backup Exec Issues Exploited by a Ransomware Gang *

Massive Balada Injector Campaign Targeting WordPress Sites Since 2017 *

MSI Affirms Security Breach Accusations Post Ransomware Attack *

Apple Patches 2-Zero days Exploited to Hack iPhones and Macs *

Cisco Released Patches for Multiple Vulnerabilities in its Various Products *

Medusa Ransomware Acknowledges Cyberattack on the Open University of Cyprus *

Money Message Ransomware Claims MSI Breach; Demands 4 Million USD *

Google Patches Several Security Vulnerabilities with Chrome 112 *

Researchers Found Four Vulnerabilities in the Popular Japanese Word Processor 'Ichitaro' *

CISA Warns on Vulnerabilities Discovered in Nexx Smart Devices *

New Clipper Malware 'CryptoClippy' Targeting Portuguese Cryptocurrency Users *

Researchers Found Threat Group Mantis Using Upgraded Malware to Target Palestinian Entities *

Researchers Found New Version of Typhon Information-Stealer with Enhanced Anti-Analysis and Evasion Capabilities *

Google Announced Android's April 2023 Security Update Addressing Over 65 Vulnerabilities *

Researchers Found New Rilide Malware Targeting Chrome-Based Browsers to Steal Cryptocurrency *

ALPHV Ransomware Exploits Three High-Severity Vulnerabilities in Veritas Backup Software *

Check Point Researchers Spotted New Rorschach Ransomware Deployed Against a US-Based Company *

IRS-Authorized 'eFile.com' Website was Found Serving JavaScript Malware *

HP Announces Critical Information Disclosure Flaw in its LaserJet Printers to be Patched within 90 Days *

Researchers Found New Information-Stealing Malware 'OpcJacker' Used in Malvertising Campaigns *

Hackers Using Malicious WinRAR Self-Extracting Archives to Plant Backdoors on Devices *

Hackers Target Victims of 3CX Supply Chain Attack with Gopuram Malware *

Researcher Found Multiple Vulnerabilities in Osprey Pump Controller *

American Telecommunication Company Lumen Technologies Suffered Two Cyberattacks *

Researchers Discovered a New 'Money Message' Ransomware Extorting $1 Million *

Fake Threat Group Midnight Extorting Previously Breached U.S. Companies *

Researchers Found Cylance Ransomware Targeting Linux and Windows Systems *

TMX Finance and its Subsidiaries Suffers Data Breach Affecting 4.8 Million Customers *

Hackers Exploited a High Severity Flaw in the Elementor Pro WordPress Plugin to Upload Backdoors *

Researchers Found Threat Actors Exploiting 10 Year Old Windows Vulnerability with 'opt-in' Fix in Recent Attacks *

A Severe Super FabriXss Vulnerability has been Discovered in Azure Service Fabric Explorer *

Researchers Found Malware Botnets Exploiting Realtek and Cacti Vulnerabilities *

New AlienFox Toolkit Targets Popular Cloud Services for Credential Harvesting *

Chinese Threat Group RedGolf Uses a Custom Backdoor KEYPLUG to Target Windows and Linux Systems *

Threat Group Winter Vivern Exploiting a Zimbra Vulnerability to Steal NATO Emails *

CISA Added Five Vulnerabilities Exploited to Drop Spyware to its Known Exploited Vulnerabilities Catalog *

A Misconfigured Microsoft Bing Application Allows to Breach the Office 365 Users *

Hackers Compromised 3CX Desktop App Using Digitally Signed and Trojanized Version of 3CX (VOIP) *

Researchers Discovered a New Malware ‘Melofée’ Targeting Linux Server *

QNAP Addresses High Severity Linux Sudo Vulnerability in NAS Devices *

Hackers Exploited 'burn' Smart Contract Function in SafeMoon's Liquidty Pool to Drain $8.9 Million *

Clop Ransomware Breached Crown Resorts' Network by Exploiting GoAnywhere Zero-day Vulnerability *

Security Researchers Disclosed WiFi Protocol Vulnerability Allowing Attackers to Hijack Network Traffic *

Researchers Found Trojanized Tor Browsers Targeting Russians with Crypto-Stealing Malware *

Attackers Targeted European Entities to Distribute Remcos RAT and Formbook Malware *

Pakistan-Based SideCopy APT Group Targeting India's DRDO with Action RAT *

Researchers Found New Variants of IcedID Loader Delivering Other Malware *

A New MacStealer Malware Targeted Mac Users and Stealing iCloud Keychain Credentials *

Apple Fixes WebKit Zero-Day Bug on Older iPhones *

Twitter Removes Source Code that Leaked on GitHub and Searching for Downloaders *

Attackers Targeting U.S. Taxpayers in New Emotet Phishing Campaign *

Critical Flaw in AI Testing Framework MLflow May Expose AI and Machine-Learning Models *

OpenAI Reveals About ChatGPT User Data Exposure Incident *

Microsoft Warn of Outlook Vulnerability Exploited by Russian Attackers *

Procter & Gamble Discloses Data Breach via GoAnywhere Zero-day *

Chinese Nuclear Energy Institutions Targeted by 'Bitter' Espionage Hackers *

Lionsgate's Streaming Network Reveals Over 37 Million Subscribers' Data *

Malicious Python Package Employ Unicode Technique to Evade Detection *

Researchers Disclose Chinese Nation State Hackers' New Attack Strategies *

Threat Actors Targeting 450 Financial Apps Using Android Banking Trojan *

Code Hosting Platform 'GitHub' Swiftly Replaces Exposed RSA SSH Key *

Play Ransomware Gang Publishes Data Stolen From Maritime Firm Royal Dirkzwager *

WordPress Fixed a Critical Vulnerability in WooCommerce Payments Plugin *

BlackGuard Stealer Targeting 57 Cryptocurrency Browser Extensions and Wallets *

Cisco Addressed High Severity Vulnerabilities in its IOS and IOS XE Software *

Microsoft Fixes Windows 11 Snipping Tool's Acropalypse Privacy Flaw *

Researchers Warn About Kimsuky Threat Group Stealing Gmail Content *

Researchers Published Proof-of-Concept (PoC) for Netgear Orbi Mesh Wireless System Vulnerabilities *

A Trojanized ChatGPT Chrome Extension Found Stealing Facebook Accounts *

CISA Warned on Critical Vulnerabilities in Industrial Control Systems Products *

Play Ransomware Gang Released Data Allegedly Stolen From Logistics Services Company Royal Dirkzwager *

Mozilla Fixes Firefox Crash Issue in Windows 11 and macOS Systems *

Hackers Employing New CommonMagic and PowerMagic Malware To Steal Victims' Information *

Threat Actors Targeting Linux Servers with Different Variants of ShellBot Malware *

Fraudsters Extort 1 Crore INR from 81 Users Via a Mobile Payment App *

Threat Actors Exploited a Zero-day Vulnerability in General Byte Bitcoin ATMs *

Ferrari, Italian Luxury Sports Car Manufacturer Discloses a Data Breach *

Realtek SDK, Huawei Routers, and Hadoop YARN Servers are Targeted by New HinataBot Botnet *

FBI, CISA and MS-ISAC Releases Advisory to Warns About LockBit 3.0 Ransomware Attacks *

New Trigona Ransomware Targets Australia, United States and European Countries *

Threat Actors Now Distributing Emotet Malware via Malicious Microsoft OneNote Files *

NBA Suffers Data Breach that Exposes its Fans' Personal Information *

Scammers Abuse Twitter’s 'Quote Tweet' Feature to Target Bank Customers *

Attackers Distributing Android Malware 'FakeCalls' in South Korea *

A Cyberattack at Latitude Financial Services Leads to Data Theft at Two Service Providers *

Google Warned About 18 Zero-Day Flaws in Samsung's Exynos Chipsets *

Attackers Abuse Adobe Acrobat Sign to Deliver Redline Info-Stealing Malware *

Mozilla Announced the Release of Firefox 111 with Dozen of Vulnerability Patches *

Attackers Hacked U.S Federal Agencies Using Old Telerik UI Vulnerability *

Researchers Discovered First Dero Cryptojacking Campaign Targeting Kubernetes *

Healthcare Provider ILS Suffered a Data Breach Exposing 4.2 Million Patient Data *

Researchers Disclosed the Technical Details of Critical Microsoft Outlook Vulnerability *

Tick APT Group Compromised a Data-Loss Prevention Company in East Asia *

CISA Added a Critical Adobe ColdFusion Vulnerability to its Known Exploited Vulnerability Catalog *

New Threat Group YoroTrooper Running Cyber-Espionage Campaign Against CIS Government Organizations *

Rubrik Suffers Data Breach in GoAnywhere Zero-Day Attack *

SAP Addressed Five Critical Vulnerabilities in its Security Updates *

Microsoft Patch Tuesday Security Advisory - March 2023 *

Euler Finance Lost $197 Million in Crypto in Flash Loan Attack *

Dark Pink APT Group Using KamiKakaBot Malware Against Southeast Asian Government and Military Entities *

A Massive Cyberattack Hijacks East Asian Websites to Redirect Victims to Adult Content *

Threat Actors Using AI-generated YouTube Videos to Spread Info-stealer Malware *

Researchers Discovered Critical Security Vulnerabilities in Akuvox E11 Video Doorphone *

Unidentified Attackers Target Government Networks by Abusing New FortiOS Bug in Zero-Day Attacks *

Researchers Disclosed a Cross-Site Search Vulnerability in OpenSea NFT Marketplace *

Researchers Found a New CASPER Attack that Leaks Data from Air-gapped Computers *

German Vehicle Manufacturer BMW Exposes Clients Data and Business Secrets *

U.S. Office Supply Distributor Essendant Suffers Multi-Day Outage *

Updated Version of Prometei Malware Found Infecting 10000 Systems Worldwide *

Clop Ransomware Gang Starts Extorting GoAnywhere Zero-Day Exploit Victims *

Researchers Found BATLOADER Malware Abusing Google Ads to Deliver Secondary Payload *

New Threat Actor UNC2970 Targeting Security Researchers Using New Custom Malwares Families *

Researcher Found New GoBruteforcer Malware Targeting Servers with phpMyAdmin, MySQL, FTP, Postgres Services *

CISA Adds Two Vulnerabilities to its Known Exploited Vulnerabilities Catalog *

Cerebral Healthcare Platform Suffered a Data Breach Affecting 3.18 Million Patients *

Researchers Found the New Variant of Xenomorph Android Malware Targeting Over 500 Banks *

Threat Actors Exploiting Remote Desktop Software Vulnerabilities to Spread PlugX Malware *

New Variant of IceFire Ransomware is Now Actively Targets Linux Systems *

Attackers Targeted Oracle WebLogic Servers with New ScrubCrypt Crypter *

A Chinese Hacking Campaign Targets Unpatched SonicWall SMA Appliances to Install Custom Malware *

AT&T Vendor Hack Results in the Disclosure of 9 Million Customer Records *

Researchers Reported About Bitwarden's Autofill Feature Flaw that can be Abused to Steal Credentials *

New Sharp Panda Campaign Targets Southeast Asian Government Entities with Soul Malware *

Veeam Addressed a High Severity Backup Services Vulnerability Affecting its Backup Infrastructure *

Fortinet Fixed a Critical RCE Vulnerability Affecting FortiOS and FortiProxy *

SYS01stealer: A New Attack Targeting Critical Infrastructure Enterprises Using Facebook Ads *

Transparent Tribe Hackers Employ Trojanized Messaging Apps to Distribute CapraRAT *

Microsoft Releases a Fix for Outlook Login Issues in Exchange Environments *

Acer Discloses Breach Following the Sale of 160GB of Data on a Hacking Site *

The March 2023 Android Update Addresses Two Critical Code Execution Flaws *

New HiatusRAT Malware Found Targeting DrayTek Vigor Routers for Data Theft *

Researcher Found Blackfly APT Group Targeting Asian Entities *

Experts Revealed About a Blind Spot in Google Cloud Platform that Leads to Data Exfiltration Attacks *

Researcher Published Proof-of-Concept for Microsoft Word's Critical RCE Vulnerability *

The Sandbox Blockchain Games’ Employee Account Hacked to Send Malware-Linked Emails *

Threat Actors Using Malicious Microsoft OneNote Attachments to Infect Windows Systems *

Researchers Found New FiXS ATM Malware Targeting Banks of Mexico *

Tennessee State University and Southeastern Louisiana Universities Suffers Cyberattack *

CISA and FBI Warn of Increased Royal Ransomware Attacks *

Researchers Found Thousands of Websites Compromised Using Stolen FTP Credentials *

Threat Actors Launch New Cryptojacking Campaign, Targeting Misconfigured Redis Database Servers *

Microsoft Fixed MMIO Information Disclosure Vulnerabilities in Intel CPUs *

Experts Uncover a Full-Featured Information Stealer and Trojan in a Python Package on PyPI *

Scammers Target Trezor Customers with Fake Data Breach Notifications *

Aruba Networks Patched Six Critical-Severity Vulnerabilities Impacting ArubaOS Versions *

Iron Tiger Attackers Create New Linux Version of their Custom SysUpdate Malware *

Cisco Addresses Critical RCE Vulnerability in Web UI of Multiple IP Phones *

BlackLotus is the First UEFI Bootkit Malware to Bypass Secure Boot Defenses on Windows 11 *

Microsoft Addressed a Global Outage Impacting its Exchange Online Mailboxes *

Blind Eagle Hackers Targeting Colombian Entities via Spear-Phishing *

Attackers Using Advanced Hacking Operation SCARLETEEL to Infiltrate Cloud Services *

Researchers Identified Pair of Security Defects in Trusted Platform Module (TPM) 2.0 *

American TV Giant Dish Network Confirms Ransomware Attack Behind Multi-Day Network Outage *

CISA Alerts on Active Exploitation of ZK Java Framework RCE Flaw *

Attackers Promoting New Exfiltrator-22 Post-Exploitation Framework to Spread Ransomware *

LastPass Releases Additional Information on December 2022 Password Vault Data Breach *

Researchers Found Mysterious Nevada Group Targeting Thousands of Cloud Servers *

Attackers Use LinkedIn URL Shortener to Send Amazon Prime Phishing Emails *

Two Critical Flaws in WordPress Houzez Theme and Plugin are Being Actively Exploited in the Wild *

U.S. Marshal Service Suffered a Data Breach Followed by Ransomware Attack *

Ohio’s Largest Oil Producer Encino Energy Targeted by Cyberattack *

ChromeLoader Campaign Now Distributing Malicious VHD Files Disguised as Game Programs *

Cyberattacks Target Data Center Organizations to Steal Information *

News Corp's Data Breach Statement Reveals Hackers were on it's Network for 2 Years *

Attackers Flood NPM Repository with 15000 Malicious Packages Containing Phishing Links *

American TV Giant Dish Network Suffers an Outage *

Stanford University Suffers Data Breach Affecting 897 PhD Applicants *

Researchers found Unknown Threat Actors Targeting Government Entities with PureCrypter Malware *

Pirated Final Cut Pro Software Targets macOS for Cryptocurrency Mining *

Researchers Discover a Cyber Group Employing Lilith RAT and Atharvan Malware to Target the Material Research Industry *

Dole, a Fruit and Vegetable Company, Hit by a Ransomware Attack *

Analysts Warn of Increasing Attacks Leveraging Zoho ManageEngine Products *

Canada’s Second Largest Telecom TELUS Investigating a Possible Data Breach *

Cisco Addresses High-Severity Vulnerabilities in its Application Centric Infrastructure Components *

Attackers Exploited R1Soft Server Backup Manager Vulnerability to Deploy Backdoor *

New S1deload Info-Stealer Malware Targets YouTube and Facebook Accounts *

Shipping and Medical Laboratories are Targeted by New Threat Actor Hydrochasma *

Hackers Using Fake ChatGPT Apps to Distribute Windows and Android Malware *

VMware Fixed a Critical Injection Flaw in Carbon Black App Control *

CISA Adds Three New Security Flaws to its Known Exploited Vulnerabilities Catalog *

Security Researchers Release the Proof-of-Concept Exploit for Critical Fortinet's FortiNAC RCE Flaw *

Researchers Found MyloBot Botnet Infecting Thousands of Systems Everyday *

Video Game Publisher Activision Suffered a Data Breach *

Pakistani Threat Actor SideCopy Targeting Indian Government Agencies Using ReverseRAT Backdoor *

Apple Updated its Security Advisories to Add New Class of Vulnerabilities *

Researchers Found a New Stealc Malware with Wide Range of Capabilities *

HardBit 2.0 Ransomware Operators Use Victim’s Insurance Details to Set Up Ransom Payment *

Samsung Adds New Security Feature to Protect Against Zero-Click Attack *

Indian Ticketing Platform RailYatri Suffered a Data Breach Affecting 31 Million Customers *

Attacker Targeted Coinbase Employees in Smishing Attack *

Attackers Using New Version of OxtaRAT Backdoor to Target Armenian Entities *

Researchers Found a New WhiskerSpy Backdoor Delivered via Trojanized codec Installer *

Threat Actors Exploiting Microsoft Exchange ProxyShell Vulnerabilities to Deploy Cryptocurrency Miners *

Experts Found Attackers Targeting South Korean Journalists with RambleOn Malware *

Researchers Found New Mirai Botnet Variant Targeting Linux and IoT Devices *

GoDaddy Reports a Multi-Year Security Breach it Suffered *

Threat Actors Targeted Microsoft IIS Servers with New Frebniis Malware *

Fortinet Patches Two Critical Security Flaws in FortiNAC and FortiWeb Product *

CISA Alerts on Windows and iOS Vulnerabilities Exploited as Zero-Days *

Louisiana HBCU's Xavier University Reported a Data Breach that Occurred in November 2022 *

Researchers Found an Authenticated RCE Vulnerability in Arris Router *

Scandinavian Airlines Suffered Cyberattack Exposing Customer Data *

Burton Snowboards Cancelled Online Orders Following Cyber Attack *

RedEyes APT Group Using New Malware 'M2RAT' to Steal Victims' Data *

Splunk Patches High Severity Vulnerabilities in its Enterprise Solution Update *

New Stealthy Malware 'Beep' is Very Focused in Avoiding Detection *

Tonga Communications Corporation Suffers Ransomware Attack *

Hyundai and Kia Car Thefts Rise due to TikTok Challenge *

Hackers Using New MortalKombat Ransomware and Laplas Crypto-Hijacker Targeting U.S Victims *

Community Health Systems Suffers Data Breach Affecting One Million Patients *

Microsoft Exchange Server 2013 Reaches End of Support Lifecycle in April 2023 *

Al-Toufan Hacking Group Targets Websites of Bahrain Airport and News Sites *

Microsoft Patch Tuesday Security Advisory - February 2023 *

United States’ Largest Bottler Pepsi Bottling Ventures Suffers Data Breach *

Garrison Women's Health Suffered Data Breach Affecting 4,000 Patients *

Apple Addressed New Actively Exploited WebKit Zero-Day Vulnerability *

Cloudflare Detects and Mitigates Largest Recorded DDoS Attack *

Modified Version of ESXiArgs Ransomware Blocks VMware Host Recovery *

New Ransomware Group DarkBit Targets Israel's Top Research University Technion *

Threat Actors Hacked Namecheap’s Email Account to Send Phishing Emails *

CISA Warns About North Korean Hackers Targeting Healthcare Organizations in Ransomware Attacks *

CISA Adds Three More Security Flaws to its Known Exploited Vulnerabilities Catalog *

Multiple Medical Groups in California Suffered a Ransomware Attack *

Researchers Found Malicious Packages on PyPI and NPM Repositories *

Play Ransomware Claims Attack on A10 Networks *

Clop Ransomware Gang Claims Exploiting GoAnywhere Zero-Day Flaw *

Microsoft Announces Retirement of Microsoft Support Diagnostic Tool (MSDT) and Troubleshooters *

Researchers Found Multiple Vulnerabilities in Wireless Industrial Internet of Things (IIoT) Devices *

NewsPenguin Threat Actor Targets Pakistani Entities in Phishing Campaign *

Russian Hackers Use Fake Crypto Job Offers to Push Enigma Malware *

Reddit Hit by Cyberattack that Allowed Hackers to Steal Source Code *

The Largest Canadian Bookstore Indigo Suffered a Cyberattack *

Researchers Found Russian Hackers Using New Graphiron Malware to Target Ukraine *

Ross Memorial Hospital in Lindsay Hit by a Cyberattack *

Munster Technological University (MTU) in Ireland Suffers a Major IT Breach *

Multiple Document Management Systems Found with Unpatched Security Vulnerabilities *

Google Released Chrome 110 that Addresses 15 Vulnerabilities *

Pharmaceutical Distributor AmerisourceBergen Hit by a Cyberattack *

Researchers Found New Medusa Botnet Targeting Linux Users *

GuLoader Malware Targets E-commerce Industry Using Malicious NSIS Executables *

Developers Release an Emergency Patch for GoAnywhere MFTaaS's Actively Exploited Zero-Day Flaw *

Researcher Disclosed a Flaw Detected in Toyota's Global Supplier Management System (GSPIMS) *

Google Chrome to End Support for Windows 7,8,8.1, Windows Server 2012, and 2012 R2 Starting February 2023 *

OpenSSL Releases a Patch to Fix High-Severity Vulnerabilities *

U.S. Cellular's Third-Party Vendor Suffers Data Breach Affecting its 52000 Customers *

Researchers Disclosed About High-Severity Format String Vulnerability Present in F5 BIG-IP *

India’s Largest Truck Brokerage Company FR8 Exposes 140GB of Information in a Data Leak *

TgToxic Malware is Targeting Android Users from Southeast Asia *

Hackers Mimicking Ukrainian Ministry Officials to Deploy Malware *

TruthFinder and Instant Checkmate Discloses a Data Breach Affecting 20 Million Consumers *

A New Wave of Ransomware Attacks Targeting ESXi Systems Using a VMware Flaw *

Major Internet and Power Outages Struck Bermuda *

A New Android Banking Trojan is Aimed at Brazilian Financial Institutions *

A GoAnywhere MFT Zero-day Flaw Enables Server Intrusion *

Florida Hospital Shuts Down its IT Systems Post a Cyberattack *

Threat Actors Targeting Vulnerabilities in SugarCRM and Oracle E-Business Suite *

Jira Software from Atlassian has a Critical Authentication Vulnerability *

Hackers from Iran's Oil Rig Using a New Backdoor to Steal Data from Government Agencies *

Hackers Use KoiVM Virtualization Technology to Evade Detection when Installing the Formbook Data Stealer *

North Korean Lazarus Hacking Group Stole 100GB of Data Via Campaign Named "No Pineapple!" *

Financial Software Provider, ION Group, has been Hit by a Ransomware Attack Affected Global Markets *

Cisco Addressed High-Severity Vulnerability in its IOx Application *

Car Retailer Arnold Clark Suffers a Data Breach Claimed by Play Ransomware *

Hackers Stolen the Details of 240,000 Skating Customers from Planet Ice *

Fraudulent Crypto Apps Infiltrate Apple App Store and Google Play Store *

BlackCat Ransomware Gang Claims an Attack on Solar Industries, an Industrial Explosives Manufacturer *

Hackers Used Google Fi Data Breach to Carry Out SIM Swap Attacks *

A Phishing Attack Against Latvia’s Ministry of Defense Linked to Russian Hacking Group *

Guildford County School Suffers a Cyberattack Resulting in Outage *

US Telecommunications Company Charter Communication Impacted by Third-Party Data Breach *

Indianapolis Housing Agency Suffers Ransomware Attack Affecting 212,910 Peoples *

Hackers Advertising New Golang-Based Malware via Telegram Channel *

Attackers Stole Encrypted Code-Signing Certificates of GitHub Desktop for Mac and Atom Apps *

Developers Disagree with a New Vulnerability Reported in KeePass Software *

QNAP Fixes a Critical Vulnerability in its NAS Devices *

UK Retail Company JD Sports Suffered a Data Breach Affecting 10 Million Customers *

A Critical Vulnerability in Lexmark Printers Affects Over 120 Models *

Researchers Found Gootkit Malware with New Components and Obfuscation Techniques *

ISC Patched Multiple High-Severity DoS Vulnerabilities in DNS Software Suite BIND *

Researchers Warn About Multiple Vulnerabilities in Healthcare Software OpenEMR *

Researchers Found Attackers Using Portable USB Storage Devices to Spread New Variant of PlugX Malware *

Several Malicious Apps have been Found on Google Play Store with Over 5 Million Downloads *

Hackers Using New SwiftSlicer Data Wiper to Infect Windows OS *

A Major Microsoft 365 Outage was Caused by a Change in WAN Router IP Address *

A Hacker Group Called Sandworm Attacked a Ukrainian News Agency with Five Data Wipers *

Researcher Found 75,000 WordPress Sites Still Using Vulnerable LearnPress Plugin Version *

Data Breach Against Two Health Service Organizations Affected 400,000 Individuals *

BayCare Clinic Suffers Data Breach Due to Tracking Pixel Used by Third Party Vendor *

German Airport's Websites, Administration Bodies, and Financial Sector Organizations Suffers DDoS Attack *

New Mimic Ransomware Uses 'Everything' Windows Search Tool to Encrypt Files *

The CISA of Federal Organizations Breached Using Legit Remote Desktop Software *

Phishing Campaigns Employ New Python RAT Malware to Target Windows *

Threat Actors Leveraging Critical Realtek SDK Flaw in Millions of Attacks *

North Korean Hackers Actively Harvesting Credentials in the Latest Cyberattacks *

Zacks Investment Research Security Breach Affects 820,000 Customers *

Researchers Found Threat Actors Abusing Google Ads to Spread Malware *

DragonSpark Attackers Group Use Golang Malware to Evade Detection *

Several Microsoft Services Including Teams, Outlook, Store Stop Responding: Microsoft Probes Outage *

Arm Mali GPU Vulnerability Leads to Arbitrary Kernel Code Execution and Root on Pixel 6 Phones *

A Vulnerability in Diksha App Exposed Personal Information of Millions of Indian Teachers and Students *

Zendesk Suffered Data Breach After its Employee Fell into Phishing Attack *

Security Researchers Disclosed Two Security Flaws in Samsung's Galaxy Store App for Android *

Apple Backported Security Patches for Zero-Day Vulnerability in Older iPhone and iPad Models *

Nunavut Energy Supplier Qulliq Energy Corporation Suffered a Cyberattack *

Roaming Mantis Adds New DNS Changer to its Android Malware to Hack WiFi Routers *

Costa Rica's Ministry of Public Works and Transport (MOPT) Hit by Ransomware Attack *

Riot Games’ Development Environment Compromised Via Social Engineering Attacks *

Drupal Patches Vulnerabilities that Lead to Information Disclosure *

Chinese Hackers Leverages a Fortinet Flaw as a Zero-day Exploit to Drop Malware *

Hackers Actively Using OneNote Attachments to Spread Malware *

Researchers Dismantle Massive Ad-fraud Operation Dubbed 'Vastflux' *

Over 19,000 End-of-life Cisco Routers Vulnerable to RCE Attacks *

The Windows 10 KB5019275 Preview Update Comprises 14 Fixes *

Vulnerabilities of Critical Significance OpenText Enterprise Content Management System Patched *

Gamaredon Company Utilizes Telegram to Launch Cyberattacks Against Ukraine *

Hackers May Abuse GitHub Codespaces Functionality to Host and Disseminate Malware *

Researchers Discovered a New Banking Trojan Hook with RAT Capabilities *

Researchers Discovered a Critical RCE Flaw Dubbed EmojiDeploy in Microsoft Azure Services *

T-Mobile Disclosed Data Breach Affecting 37 Million Customers' Personal Information *

Attackers Hacked 34,942 PayPal Users Accounts in Credential Stuffing Attack *

Cisco Announced Patches for a High-Severity SQL Injection Vulnerability in Unified CM and CM SME *

Oracle Addresses 327 Security Vulnerabilities in its January 2023 Critical Patch Update *

HR Management Platform Myrocket.co Exposed Personal Information of Millions of Job Candidates *

CERT Coordination Center Disclosed Critical Security Flaws in Netcomm and TP-Link Routers *

Researcher Found NjRAT Trojan Being Distributed Via New Earth Bogle Campaign *

MailChimp Suffers a Breach After Attackers Gained Employee Credentials *

CISA Alerts on Vulnerabilities in Siemens, GE Digital, and Contec ICS Products *

Researchers Warn of Critical RCE Vulnerability in Zoho ManageEngine Products *

Nissan North America Suffers Data Breach Due to Poorly Configured Third-Party Vendor Database *

Microsoft Azure Services were Vulnerable to Unauthorized Access to Cloud Resources *

Git Patched Two Critical Severity Security Flaws that Allow Hackers to Execute Arbitrary Code *

Threat Actor ‘Lolip0p’ Uploaded Three Malicious Packages on PyPi Platform *

ODIN Intelligence's Website Defaced and Breached *

DNV's ShipManager Software Suffers a Ransomware Attack Affecting Thousands of Shipping *

Vice Society Ransomware Gang Leaked Sensitive Data from University of Duisburg-Essen *

Hackers Leaked Sensitive Files From San Francisco Transit Police Online *

Researcher Found Android TV Box with Pre-installed Malware *

Cryptocurrency Wallet Provider MetaMask Warns Users of a New Address Poisoning Scam *

Majority of Cacti Servers Found Unpatched against Critical Vulnerability Resulting in Attacks *

The Website of Canada's Largest Alcohol Retailer Hacked to Steal Credit Card Information *

Researchers Found CircleCI Security Incident was Caused by Info-Stealing Malware *

Hackers Breached NortonLifeLocks's Password Manager Accounts *

Polyglot Files are Used by Cybercriminals to Distribute Malware Undetected *

WordPress Plugins Found Vulnerable to Critical SQL Injection Flaws along with PoCs *

Researchers Found EyeSpy Malware Being Spread Via Trojanized VPN Installers *

Attackers Exploiting a Patched FortiOS SSL-VPN Zero-day Vulnerability Against Government Networks *

IcedID Malware Attack Compromised Active Directory Domain *

Researchers Found Hackers Actively Exploiting a Critical Flaw in Control Web Panel *

Cisco Discovers Three Vulnerabilities in Asus Router Software *

Researchers Disclosed SymStealer Security Vulnerability in Google Chrome and Chromium-Based Browser *

Australia's Fire Rescue Victoria Suffers Data Breach Claimed by Vice Society Ransomware Gang *

Gootkit Loader Abuses VLC Media Player to Infect Australian Healthcare Organizations *

Google Released Chrome 109 to Fix 17 Vulnerabilities *

New Advanced Threat Actor Dark Pink Using Custom Malware Against Government and Military Entities *

Cisco Warns About Critical Auth Bypass Vulnerability Found in End-of-Life Routers *

Scattered Spider Threat Actors Employing Vulnerable Intel Drivers to Evade Detection *

UK's Leading Mail Delivery Service Royal Mail Suffers Severe Service Disruption Following Cyberattack *

CISA Adds Two More Security Flaws to its Known Exploited Vulnerabilities Catalog *

Security Researchers Found Cryptographic Weaknesses in Threema Messaging App *

Zoom Fixes Multiple Flaws Exposing Windows and macOS Users *

Iowa's Largest School District Des Moines Public School Hit by Cyberattack *

StrongPity Hackers Targeted Android Users with a Trojanized Version of Telegram App *

Over 1,300 Fake AnyDesk Sites Found Delivering Info-Stealing Vidar Malware *

Auth0 Project Releases a Patch for RCE Flaw in the JsonWebToken Library *

Scammers Abusing Open Redirect on the UK DEFRA Website to Redirect Visitors to Fake Dating Sites *

Hackers Breached Kubernetes Clusters as Part of a Malware Campaign Via PostgreSQL Database *

CISA Alerts on High-Severity Vulnerabilities Affecting Hitachi Energy Products *

Russian Threat Group Cold River Targets Three US Nuclear Research Laboratories *

Attackers Spreading NetSupport Malware Masquerading as Pokemon Card Game to Infect Users *

MedStar Mobile Healthcare Suffers Ransomware Attack Affecting 612,000 Customers *

Threat Actors Using CAPTCHA Bypass Tactics on GitHub in Freejacking Campaign *

Hackers Bypass Firewalls Restrictions Using CloudFlare Tunnels *

Air France and KLM Suffers Data Breach; Several Customers Accounts Hacked *

Fast Food Restaurant Chain 'Chick-fil-A' Suffers Data Breach *

Rackspace's Customer Data Accessed in Ransomware Attack *

Microsoft Releases Temporary Patch for ODBC Database Connection Issues *

A New Variant of Dridex Malware Actively Attacking Windows OS and macOS Systems *

CircleCI Releases a Security Alert to Warn Users about Cyber Attack *

Bluebottle Hackers Attacked Banks Using Signed Windows Drivers *

Database of Cricketsocial.com Exposed Private Customer Data and Administrator Credentials *

Five Guys Burger Chain Suffers Data Breach Impacting Job Applicants *

Researchers Found Sudden Increase in SpyNote Android Malware Infection Rates *

New SHC-Compiled Linux Malware Found Installing Cryptominers and DDoS Bots *

Multi-Flaw Updates are Released for Qualcomm Chipsets and Lenovo ThinkPad *

Zoho Patches a Critical SQL Injection Vulnerability in its ManageEngine Products *

Multiple Car Brand's API Flaws Exposed Owner's Personal Data *

Fortinet Released Patches for High-Severity Vulnerabilities Found in FortiADC and FortiTester *

LockBit Ransomware Group Claims Ransomware Attack on Los Angeles Housing Authority *

Royal Ransomware Group Claims Data Breach Attack on Queensland University of Technology *

Threat Actors Using Stolen Information of Colombian Bank Customers as Lures in Phishing Emails *

Synology Fixed Critical Vulnerability in VPN Plus Server Software *

PyTorch Admins Reveals About Malicious PyTorch-nightly Dependency *

Bristol Community College Hit by Ransomware Attack *

A Telekom Malaysia Company Suffers a Data Breach Affecting Over 250,000 Customer Accounts *

Scripps Health Agrees to Pay $3.5 million to the Victims Affected in the 2021 Data Breach *

Jakks Pacific Toy Production’s Servers Suffers Ransomware Attack, Hive and BackCat Group Leak Data *

Royal Ransomware Group Claims Cyber attack on Iowa’s Public Broadcasting Network *

The LockBit Ransomware Gang Claims Cyberattack on Port of Lisbon in Portugal *

CISA Warns of Vulnerabilities Impacting TIBCO Software's JasperReports Product *

A Canadian Mining Firm Shuts Down a Mill After it was Attacked by Ransomware *

WordPress Sites are Being Backdoored by New Linux Malware Using 30 Plugin Exploits *

Cert-In Warns Indian Users on LastPass Data Breach and NetApp OnCommandInsight Vulnerability *

Anonymous Twitter User Published 10,000 API Keys of Crypto Trading Platform 3Commas *

CISA Warns of Several Vulnerabilities in Rockwell Automation Controllers *

Royal Ransomware Gang Claims Responsibility for Cyberattack on Telecom Company Intrado *

NETGEAR Fixes a High Severity Vulnerability Affecting Multiple Models of its Wi-Fi Routers *

Hackers Moved their Initial Infection Vector Towards Malicious Excel Add-in Files *

Attackers Abusing Google Ads to Spread Trojanized Software Products *

Hive Ransomware Claims Attack on Louisiana Hospital Impacting 270,000 Patients *

Citrix Patches Critical Severity Vulnerabilities in its ADC and Gateway Servers *

Sargent and Lundy Energy Firm Suffered a Data Breach that Impacted Personal Information of 6,900 Individuals *

A Hacker Claims to have Stolen Data of 30 Million Indian Railways Users *

New YouTube Bot Malware Found Stealing Sensitive Data *

North Korean Lazarus APT Group Targeting NFT Investors in Phishing Campaign *

BlueNoroff Threat Actors Adopted New Techniques to Bypass Windows MotW Protection *

Researchers Found a Password Vulnerability in ZyXEL Indoor Routers *

BTC.com Suffers a Cyberattack Losing Cryptocurrency Worth $3 Million *

New GuLoader Malware Found Adopting New Anti Analysis Techniques to Evade Detection *

Hackers Targeted Bitkeep Wallet Users in Cryptojacking and Drained $8M in Assets *

Researchers Warn of Critical Linux Kernel Vulnerability Affecting SMB Servers Enabled with ksmbd *

Cincinnati State Technical Community College Suffers a Cybersecurity Breach *

Researchers Disclosed a High-Severity Flaw in Kyverno’s Container Image Signature Verification Mechanism *

Researchers Discovered Critical Authentication Bypass Vulnerability in Ghost CMS *

Microsoft Silently Fixed Cross Tenant Network Bypass Flaw in its Azure Container Service *

Researchers Uncover W4SP Stealer in Multiple PyPI Packages Under Various Names *

Threat Actors Deploy New Info-stealer Malware to Infect Software Pirates *

Hackers Actively Exploit WordPress Gift Card Plugin with 50K Installations *

Researchers Warn Indian Officials About Kavach 2FA Phishing Attacks *

Widespread 2FA Bypass Attacks Hit Comcast Xfinity Accounts *

LastPass Suffers a Data Breach Exposing Customer Vault Data *

FIN7 Hackers Use an Auto-Attack Platform to Breach Vulnerable Exchange Servers *

A Hacker Leaked Customer Data of Betting Firm BetMGM on Hacking Forum *

Researchers Disclosed Multiple High-Severity Flaws in Password Management Solution Passwordstate *

The Zerobot Botnet is added with New Capabilities and Exploits New Vulnerabilities *

Researchers Discovered Banking Trojan 'GodFather' Targeting 400 Banks and Crypto Exchanges Applications *

Hackers Gained Profit from Hacking JFK Airport's Taxi Dispatch System *

Hackers Targeted Telecom and Government Systems with Raspberry Robin Worm *

Attackers Hacked Private GitHub Repositories of Okta Company *

Researchers Found Malicious Packages with 'W4SP' Info-Stealer Malware on PyPi Platform *

Hackers Targeting Brazilian Banking Users with New Android Trojan BrasDex *

Security Researchers Suspect KMSdBot Botnet Offering DDoS-for-Hire Services for Attackers *

Researchers Found New Microsoft Exchange Exploit Used by Play Ransomware to Breach Servers *

Phishing Sites Distributing DarkTortilla Malware *

Researchers Found Fake Malicious ‘SentinelOne’ Package on PyPi Repository *

Meta Platforms Took Down Fake Accounts Operated by Nearly 200 Spyware Vendors Across the Globe *

Play Ransomware Gang Claims Cyberattack on Hotel Chain 'H-Hotels' *

Microsoft Reclassified a Windows Vulnerability as Critical Severity *

Department of Healthcare and Human Services Reports Data of 254K Patients Being Compromised *

Colombian Energy Company EPM Hit by BlackCat Ransomware Attack *

CRM Platform SevenRooms Suffers Data Breach Exposing Customers’ Information *

Samba Releases Security Updates to Address Multiple High Severity Vulnerabilities *

After Being Disrupted by Google, Glupteba Malware is Back *

FBI Warns About BEC Attacks Targeting Food Shipments *

CISA Adds Critical Veeam Backup and Replication Vulnerabilities to its Known Exploited Vulnerabilities Catalog *

Microsoft Warns New Minecraft DDoS Malware Infecting Windows, Linux and IoT Devices *

Researchers found a New MirrorStealer Malware Targeting Japanese Politicians *

Ukrainian Government Networks Breached Using Trojanized Windows 10 Installers *

New Phishing Campaign Uses Facebook Posts to Evade Email Security *

Hacker Posted Social Blade's User Data on Hacking Forum Stolen in Data Breach *

5.7M Gemini Users’ Personal Information Leaked in Third-Party Vendors’ Data Breach Incident *

FuboTV Suffers Streaming Outage Due to Cyberattack *

Australia's TPG Telecom Suffers a Data Breach Affecting 15,000 Customers *

Ransomware Hackers Using Microsoft-Signed Drivers to Access Systems *

FBI Seizes 48 Booter or Stresser Online Platforms that Used for DDoS Attacks *

Unknown Threat Actors Uploaded 144,000 Phishing Packages on NuGet, NPM, and PyPi Open-Source Package Repositories *

Microsoft Fixes the LSASS Memory Leak Flaw Affecting Windows Servers *

VMware Releases Patches for Critical Security Vulnerabilities in ESXi and vRealize *

Microsoft Patch Tuesday Security Advisory - December 2022 *

Stalkware Application Xnspy Found Stealing Data from Thousands of iPhone and Android Devices *

A New Python Backdoor Allows Hackers to Access Compromised VMware ESXi Servers Remotely *

The Global Pravasi Rishta Portal of the Indian Foreign Ministry Leaks Passport Information *

Apple Addressed New Actively Exploited Zero-Day Vulnerability in its Security Updates *

LockBit Ransomware Gang Claims Ransomware Attack on Finance Department of California *

Hive Ransomware Group Claims Attack on Knox College *

Fortinet Released Emergency Patch for Already Exploited FortiOS SSL-VPN Vulnerability *

Nearly 360,000 Individuals' Information was Affected in Ontario COVID-19 Vaccine Data Breach *

A Cryptocurrency Mining Campaign Infects Linux Users with Go-Based Malware Called CHAOS *

Uber Suffers a Data Breach After an Attack on its Third-Party Vendor *

An Iran-Backed MuddyWater Campaign Abuses the Syncro Remote Administration Tool *

Australian Telecom Firm Telstra Apologizes for Data Leak that Exposed 130,000 Customer's Data *

Air Gapped PCs Highly Vulnerable to Data Theft via Power Supply Radiation *

Rackspace Issues a Phishing Warning Following a Ransomware Incident *

Cisco Warns Companies of High Severity Unpatched Flaw Affecting IP Phones Firmware Globally *

Researchers Disclose a Novel Attack Method to Bypass Popular Web Application Firewalls *

An Updated TrueBot Variant Exploiting the Netwrix Auditor Bug and the Raspberry Robin Worm *

Researchers Discover Drokbk a New Malware that Leverages GitHub as a Dead Drop Resolver *

Iranian Hackers Target the Diamond Industry with Fantasy Data-Wiping Malware *

Formbook Malware is Distributed via Trojanized OneNote Document *

Hive Ransomware Group Targeted French Sports Brand Intersport *

CommonSpirit Health Suffered Ransomware Attack that Exposed Data of 623,000 Patients *

Cisco Discloses a High Severity Vulnerability Affecting its IP Phones 7800 and 8800 Series *

New Zerobot Malware Leveraging more than 21 Flaws in Zyxel Firewalls, F5 BIG-IP, D-Link Routers *

Compromised WordPress Plugins Redirect Website Visitors to Push Notification Scam *

Attacker Tried Over 6,000 Attempts to Hack ICMR Server *

The Vice Society Ransomware Gang Targeted more than 30 Schools in 2022 *

Hackers Breached CloudSEK's Confluence Server Using Stolen Employee Credentials *

Attackers found Vulnerability in SiriusXM Platform to Unlock and Start Cars Remotely *

Amnesty International Canada was Allegedly Targeted in Cyberattack by Beijing *

Researchers Discovered Largest Dark Web "In The Box" *

Antwerp's Digital Partner Suffered a Cyberattack Disrupting the City's Digital Services *

VTB Bank, Russia's Second Largest Financial Institution, Suffers Massive DDoS Attack *

Hackers Selling Personal Data Of 150,000 Patients of Tamil Nadu's Sree Saran Medical Centre *

The André-Mignot Teaching Hospital in France Suffers a Ransomware Attack *

A Chain of Three Harmless Linux Vulnerabilities could Allow Hackers to Gain Full Root Privileges *

A Vulnerability in IBM Cloud Databases for PostgreSQL Allows Unauthorized Access *

Researchers Found Malicious Android Apps with More than Two Million Downloads on Google Play Store *

New Zealand Health Insurer Accuro Suffered a Cyberattack Affecting 34,000 Customers’ Data *

North Korean Hacking Group Using New and Fake Crypto Apps to Breach Networks and Steal Cryptocurrency *

Google Fixes a Ninth Zero Day Vulnerability in its Chrome Browser Update *

The Previously Undocumented Data Wiper CryWiper Masquerades as a Ransomware *

Attackers Targeting Unpatched Redis Servers to Drop New Redigo Backdoor *

Multiple Platform Certificates Used by Android OEM Device Vendors used to Digitally Sign the Malware *

Colombian Healthcare Provider Keralty Suffers Ransomware Attack that Disrupts its Operations *

The Schoolyard Bully Malware Infected more than 300,000 Devices to Harvest Facebook Account Credentials *

New DuckLogs Malware-as-a-Service Found to Be Used By Thousands of Cybercriminals *

Researchers Found Some NPM Tools Fail to Display Security Flaws *

NVIDIA Patches Critical GPU Display Driver Vulnerabilities in Windows and Linux *

North Korean Attackers Using New Dolphin Backdoor to Spy on South Korean Targets *

Google Released Chrome 108 to Fix High-Severity Memory Safety Vulnerabilities *

Hackers Breached GoTo's Dev Environment and Cloud Storage; Impacting its Affiliate 'LastPass' *

Researcher found Outdated OpenSSL used in Dell, HP, and Lenovo Devices *

Hive Ransomware Claims Responsibility for Attack on Guilford College in North Carolina *

Attackers using Trigona Ransomware in Increasing Worldwide Attacks *

Malicious Android App 'Symoo' Detected with 100,000 Installs on Google Play Store *

Lanner Patched Over a Dozen BMC Firmware Vulnerabilities *

Southampton County in Virginia Disclosed Theft of Individuals' Personal Information Following Ransomware Attack *

Acer Releases Patches for High Severity Vulnerability Allowing to Disable Secure Boot *

Scammers Used FC Barcelona's Website Domain for Third-Party Fraud Campaign *

Over 5.4 Million Twitter Users' Records are Freely Available on a Hacking Forum *

Researchers Discovered A Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange *

A Ransomware Group Aimed at Belgian Municipality But Hits the Police Instead *

New Ransomware Attacks Targeting Ukraine Organizations Linked to Russian Sandworm Group *

Google Patches a Zero-Day Vulnerability in its Chrome Browser Update *

The Vice Society Ransomware Group Claims Responsibility of Attack on Cincinnati State College *

Hackers Target Windows Gamers with Miners and Info-Stealers via Fake MSI Afterburner *

Researchers Detected New Stealthy Variant of RansomExx Ransomware Developed Using Rust Programming Language *

Hackers Included Spyware in New Variants of SoftVPN and OpenVPN Trojan Software *

Millions of Android Devices Require Patches for ARM Mali GPU Vulnerabilities *

Ducktail Threat Actors Targeting Facebook Business Accounts via WhatsApp *

Security Researchers Disclosed a Cross-Tenant Vulnerability in AWS AppSync Service *

Pro-Russian Hackers Claim Responsibility for DDoS Attack on European Parliament Website *

Delhi's AIIMS Server Suffers a Cyberattack Disrupting Patient Care Services *

Issue in Sophos and McAfee Scanning Engines results in Bypass of Cisco Secure Email Gateway Filter *

Researchers found Sudden Spike in World Cup-Themed Phishing Emails *

The Sharkbot Banking Trojan Distributed via Fake Android File Managers *

Threat Actors Targeted Discontinued Boa Web Servers to Infiltrate Energy Organizations *

More than 1500 Mobile Applications Leaking Algolia API Keys *

An Info-Stealing Google Chrome Extension 'VenomSoftX' is Used to Steal Cryptocurrency and Passwords *

Researchers Found Cybercriminals Increasingly Adopted Aurora Infostealer Malware in their Operations *

Attackers Trying to Bypass 2FA of Crypto Exchange Platforms Via Team Viewer and Fake Support Chat *

Hacking Group Daixin Team Claims to have Stolen 5 Million AirAsia Passengers' and Employees' Data *

DraftKings’ Customers Suffer Credential Stuffing Attack Resulting in Loss of $300,000 *

New AXLocker Ransomware Group Stealing Discord Accounts of Infected Users *

Attackers Using Google Ads to Spread Royal Ransomware *

New Variants of LodaRAT Malware are Being Deployed in Conjunction with Other Sophisticated Malwares *

Hackers Employing a Windows Zero-day Vulnerability to Deploy QBot Malware *

Indian Central Depository Services Limited Reveals About its Network Being Compromised by Malware *

Over 22000 Students Targeted in Credential Phishing Attack Impersonating Instagram *

Critical Omron PLC Vulnerability Exploited by Sophisticated Malware Targeting Industrial Control Systems *

Atlassian Fixes Critical Vulnerabilities in Crowd Server and Bitbucket Server *

Samba Addresses Vulnerability Resulting in DoS Attacks and Remote Code Execution *

Chinese Hackers Deliver Custom Malware to Government Organizations via Google Drive *

Previously Unknown ARCrypter Ransomware Expanding its Attacks Worldwide *

Researchers Discovered a New Version of RapperBot Malware Targeting Gaming Servers *

Researchers Discovered a Phishing Kit Impersonating Well-Known Brands to Target US Consumers *

Attackers Abusing a DLL Hijacking Flaw in the Windows 10 Control Panel to Infect Systems *

Disneyland Cybercrime Group Uses Punycode to Spoof Popular Bank Brands` *

F5 Addresses Several Security Flaws and Issues in its Products *

CISA Revealed About Federal Agency Being Hacked by Iranian Hackers Using Log4Shell Exploit *

Pro-Russian Hackers Claim Responsibility for DDoS Attack on FBI Websites *

Mozilla Announced the Release of Firefox 107 with Patches of High Impact Vulnerabilities *

Hundreds of Amazon RDS Instances Leak Users’ Personal Information *

PCspooF Vulnerability in TTE Affecting Network Technology used in Aircraft and Spacecraft *

State-Sponsored Chinese Hacking Group Targeting Government and Defense Organizations in Asian Countries *

Security Researchers Disclosed Details of Security Flaws in Zendesk Analytics Service *

Spotify's Backstage Developer Platform is Vulnerable to Critical RCE Flaw *

Researchers Discovered New Version of DTrack Backdoor Targeting European Organizations *

Researchers Discovered New KmsdBot Malware Mining Cryptocurrency and Launching DDoS Attacks *

'Fangxiao' A Malicious For-Profit Group Uses 42,000 Sites for Brand Impersonation Scheme *

Researchers Identified an Information Disclosure Vulnerability in Aiphone Intercom Products *

Russian Hackers Infected Ukrainian Organizations with New Somnia Ransomware *

New Phishing Campaign Targeting Spain Taxpayers to Steal Bank Details *

Cisco Addresses 33 Vulnerabilities in its Enterprise Firewall Products *

Foxit Patches Four Code Execution Vulnerabilities in its PDF Reader *

A New Extortion Scam Threatens to Leak Websites Sensitive Information Globally *

A 24 Hour Outage has Rendered Royal Mail Tracking Unavailable *

Sobeys a Canadian Food Retail Giant Hit by Black Basta Ransomware *

New Android Spyware BadBazaar Linked to Chinese Cyberspies *

Two Malicious Android Apps Spotted Distributing Xenomorph Banking Trojan *

US Confiscates 18 Domains Used for Recruiting Money Mules *

New Version of IceXLoader Malware is Dropped Via Phishing Emails *

Threat Group ‘Worok’ Concealing New Information-Stealing Malware in PNGs *

Android Spymax RAT Malware Targets the Indian Defense Forces *

Lenovo Fixes High Severity Vulnerabilities Allowing Attackers to Deactivate UEFI Secure Boot *

New Information-Stealing Malware StrelaStealer Targeted Outlook and Thunderbird Accounts *

Intel and AMD Addresses Multiple Vulnerabilities in its Patch Tuesday Updates *

SAP Released Patches for Critical BusinessObjects and SAPUI5 Vulnerabilities *

Massive Google SEO Poisoning Campaign Hacks 15,000 Sites *

LockBit 3.0 Ransomware Distributing Amadey Bot Malware Via Phishing Emails *

Cloud9 Chrome Botnet Using Malicious Extensions to Remotely Control Victim's Browsers *

Citrix Patches a Critical Authentication Bypass Vulnerability in its ADC and Gateway Product *

VMware Patches Three Critical Vulnerabilities in Workspace ONE Assist *

Siemens and Schneider Electric Addresses Several Security Vulnerabilities in its Products *

SocGholish Operators Expands its Malware Staging Infrastructure to Counter Defenders *

Researchers Found Security Scanner URLScan Accidentally Leaking Sensitive URLs and Data *

Cyberattack on PNORS Technology Leads to the Breach of Victorian School Students' Health Records *

The Largest Canadian Food Company Maple Leaf Foods Encountered Cyberattack *

The Robin Banks Phishing-as-a-Service (PhaaS) Platform Back to Steal Bank Accounts *

Hackers Abusing Microsoft Dynamic 365 Customer Voice in Phishing Attack *

CISA Warns About Critical Vulnerabilities in Three ICS Software *

Apple Releases Xcode Update to Patch Git Vulnerabilities *

Verified Twitter Users are Targeted by New Phishing Attack *

New Crimson Kingsnake Group Impersonating Law Firms in Business Email Compromise BEC Attacks *

Indian Government Employees are Being Targeted by a New Malware Campaign *

Users Across the Globe are Facing Issues in Accessing Twitter *

RomCom RAT Malware Distributed via Websites Impersonates SolarWinds NPM, KeePass, Veeam Software *

LockBit Ransomware Gang Claims Cyberattack Against German Manufacturing Company Continental *

Cisco Fixed High-Severity Vulnerabilities in Email, Identity, and Web Security Products *

ALMA Radio Telescope Suffers Cyberattack Forcing it to Suspend All Operations *

Splunk Addresses 9 High-Severity Vulnerabilities in its Enterprise Product *

Fortinet Fixed 6 High-Severity Vulnerabilities in its Multiple Products *

Researchers Disclosed Multiple Vulnerabilities in Checkmk's IT Infrastructure Monitoring Software *

Threat Actor Distributing Malware Via Hundreds of U.S. News Sites *

Malicious PyPI Packages Found Dropping 'W4SP' Info-Stealing Malware *

Infamous Emotet Malware Resumed its Operation After Five-Month Break *

Vodafone Italy Disclosed Data Breach After their Reseller FourB Hit by Cyberattack *

Hacker Steals 130 GitHub Repositories from Dropbox in Data Breach *

Malicious VPN Application Infects Android Users with SandStrike Spyware *

Malicious Android Apps Downloaded Over One Million Times Spotted on Google Play Store *

OpenSSL Releases Patches to Fix Two High Severity Vulnerabilities in Open-Source Library *

Microsoft Fixed a Critical RCE Vulnerability Detected in Azure Cosmos DB Jupyter Notebooks *

Cyberattack on Air New Zealand Compromises Multiple User Accounts *

Threat Actors Abusing Antivirus Software to Drop LODEINFO Malware Targeting Japanese Organizations *

Australian Defense Contractor Suffers Ransomware Attack *

Researchers Discovered a Security Vulnerability in Galaxy Store App for Samsung *

Label Printing Giant Multi-Color Corporation Confirmed Data Breach *

Bed Bath & Beyond Inc Suffers a Data Breach *

U.S. Bank Reveals Data Leak Affecting 11,000 Customers *

See Tickets Suffers a Major Card Data Breach Lasting for 2.5 Years *

Michigan Medicine Suffered Data Breach Impacting 33K Patients *

ConnectWise Fixes the RCE Flaw that Left Thousands of Servers Vulnerable to Attacks *

Twilio, A Cloud Communications Company Discloses Another Data Breach *

Google Patches the Seventh Zero-Day Vulnerability in its Chrome Browser *

Cyberattack on Aurubis Forces IT Systems to Shut Down *

Researchers Discover Android Malware Droppers on Google Play with 130K Installations *

Threat Actors using Clop Ransomware to Encrypt Devices Previously Infected with Raspberry Robin Worm *

The Latest Fodcha Botnet Featuring Ransom Demands has Emerged *

Drinik Android Malware Impersonating Official Tax Management Tool Targeting Users of 18 Indian Banks *

Australian Clinical Labs Disclosed Data Breach After Months of Data Leak Post *

Microsoft Fixed Sync Issue in the Vulnerable Driver Blocklist *

Medibank Confirms Hackers had Accessed the Customer's Personal Information During Ransomware Attack *

New Version of FurBall Android Malware Used for Spying Iranian Citizens *

Advocate Aurora Health (AAH) Suffers Data Breach that Exposing Data of 3 Million Patients *

Ursnif Malware Switches from Stealing Bank Accounts to Gaining Access to Computers *

Hackers Exploit Microsoft Azure SFX Vulnerability to Hijack Service Fabric Clusters *

Apache Patched RCE Vulnerability in its Open-Source Commons Text Library *

WordPress Fixed 16 Vulnerabilities with Security Update 6.0.3 *

Researchers Uncovered a Previously Undetected PowerShell Backdoor Infected Over 60 Users *

Microsoft Suffers Data Breach Due to Misconfigured Server that Exposes Customers’ Information Online *

Cobalt Strike Releases Out-of-Band Security Update for Critical RCE Vulnerability *

DiceyF Attackers Deploying GamePlayerFramework in Attacks Against Asian Casinos *

Hackers Targeted Hong Kong Government Agency's Network in a Year-Long Campaign *

Ransom Cartel Ransomware Shares Similar Traits with the Notorious REvil Ransomware *

Black Basta Ransomware Gang Employing Qakbot to Drop Brute Ratel C4 Framework *

MyDeal Suffers Data Breach where 2.2 Million Customers' Personal Information was Stolen *

Australia's Largest Health Insurance Company Medibank Suffers Ransomware Attack *

A Zero-Day Vulnerability in Windows Mark of the Web Receives Free Unofficial Patch *

End of Life for Over 45,000 VMware ESXi Servers *

Venus Ransomware Encrypting Windows Devices via Publicly Exposed Remote Desktop Services *

New PHP Version of Ducktail Malware Targeting Facebook Business Accounts *

Zimbra Zero-Day Vulnerability Leveraged to Compromise Over 900 Servers *

Microsoft Researchers Discovered A New Prestige Ransomware Targeting Organizations in Ukraine and Poland *

Colombian Govt Suffers Data Leak Exposing Secret Australian Police Agents *

India's Largest Electric Utility Company Tata Power Hit by Cyberattack *

Microsoft Office 365 Could Expose the Content of Messages due to Vulnerable Email Encryption Mode *

Hackers Distributing Android Banking Malware Copybara Via TOAD Tactics *

Magniber Ransomware Target Windows Users Via Fake Antivirus and Security Updates *

A Critical Flaw in Siemens SIMATIC PLCs Allows Hackers to Steal Cryptographic Keys *

Cloudflare Mitigates Largest DDoS Attack Aimed at Gaming Platform Minecraft's Server *

Windows, MacOS, and Linux Systems Targeted by New Alchimist Attack Framework *

Scammers Abusing Google Forms in New Covid-19-Themed Phishing Campaign *

Unofficial WhatsApp Application 'YoWhatsApp' is Stealing User's Account *

Hackers Creating Typo-Squatted Clone Packages to Trick Developers for Supply Chain Attacks *

Aruba Addressed Critical RCE and Authentication Bypass Bugs in its EdgeConnect Enterprise Orchestrator *

POLONIUM Threat Group Uses Creepy Malware in Cyber Espionage Against Israeli Organizations *

Microsoft Exchange Servers Targeted to Drop Lockbit Ransomware *

Researchers Warn of a Critical RCE Vulnerability in VM2 Sandbox Library *

Adobe Fixes Critical Flaws in ColdFusion, Adobe Commerce and Other Products *

Microsoft Patch Tuesday Security Advisory - October 2022 *

Caffeine, a Phishing-as-a-Service Platform Makes it Easy to Launch Phishing Attacks *

Researchers Disclosed New Emotet's Delivery and Evasion Techniques *

Toyota's Access Key Mistakenly Exposed on GitHub Leaking Customer Data *

Pro-Russian Hackers Take Down US Airports' Websites with Large-scale DDoS Attacks *

Android Security Updates for October Patches Critical Vulnerabilities *

Hackers Targeting Solana Cryptocurrency Owners via Fake Phantom Security Update *

Dark Web Carding Market BidenCash Leaks Details of 1.2 Million Stolen Credit Cards *

Source Code of Intel Alder Lake's UEFI Firmware has been Leaked *

Callback Scammers Strengthen their Social Engineering Techniques *

Taiwanese Chipmaker 'ADATA' Denies RansomHouse's Recent Data Breach Claims *

Fortinet Patches Critical Auth Bypass Flaw in FortiGate Firewalls and FortiProxy Web Proxies *

Threat Actors Actively Exploiting a Zero-Day RCE Vulnerability in Zimbra Collaboration Suite *

Eternity Hackers Group Offering New LilithBot Malware-as-a-Service Via Telegram Channel *

Newly Patched macOS Archive Utility Vulnerability Details Released *

Telstra's Third-Party Platform Suffers a Breach Exposing its Employee Information *

A New Bug found in Linux Kernel 5.19.12, Which Damages Intel Laptop Displays *

Hackers Breach the Tucson City's Network and Stolen the Information of Over 125,000 People *

Researchers Discovered New 'Maggie' Backdoor Targeted Several Microsoft SQL Servers *

Consumer Banking Company Chase Bank Suffers Outage which Affects UK Customers *

Live Chat App Comm100 Trojanized to Spread Malware in Supply Chain Attack *

US Alert: Hackers Using New Custom Malware to Steal Data from US Defense Organization *

Hackers Injecting Malicious JavaScript on Scammer's Crypto Sites to Steal Crypto Funds *

A Popular Chinese-language YouTube Channel found Distributing Malicious Tor Browser Installer *

A High-severity Vulnerability in Packagist PHP Repository could Lead to Supply Chain Attack *

Cheerscrypt a Linux-Based Ransomware Linked to Chinese Hackers *

Researchers Warn Microsoft Exchange Zero-Day Mitigation can be Bypassed for On-premise Servers *

Hackers Selling Fake Microsoft Exchange ProxyNotShell Exploits on GitHub *

BlackCat Added NJVC to its Data Leak Site *

Threat Actors Abusing Web Browser App Mode to Create Desktop Phishing Pages *

After Data Leak, Retail Chain 'DNS' Confirmed Data Breach *

CISA Adds Critical Bitbucket Server and Microsoft Exchange Vulnerabilities to Known Exploited Vulnerabilities (KEV) Catalog *

Hackers Exploiting Vulnerable WordPress Websites to Inject SolarMarker Malware *

Unknown Attacker Hacked Shangri-La Hotel Group's Customer Database *

Researchers Discovered Several Fake LinkedIn Profiles for CISOs of Large Organizations *

Cisco Fixed Several High-Severity Vulnerabilities in its Networking Software *

Lazarus Attackers Using New BYOVD Technique in Cyberattacks *

Scammers Dropping Cobalt Strike Beacons via Fake US Govt Job Offers *

Microsoft Confirms New Exchange Zero-Day Flaws are Being Exploited in Wild *

Microsoft Discovered Lazarus Hackers Weaponizing Open-Source Software *

Indian Government Swachh City Platform Suffers Data Breach *

Researchers Discovered New Zero-Day Vulnerabilities in Microsoft Exchange Being Actively Exploited in Attacks *

Hackers Using New Malware to Backdoor VMware ESXi Servers *

Hackers are Exploiting Ethernet VLAN Stacking Flaws to Launch DoS, MiTM attacks *

Researchers Uncovered New Secret Attack Campaign Targeting Military Contractor Companies *

World's Leading Business Media Brand Fast Company Hacked by Attackers *

New Chaos Malware Launches DDoS Attacks on Windows and Linux Devices *

The Internal Revenue Service Warned American about Huge Rise in Smishing Attacks *

Cybercriminals Distributing macOS Malware via Lucrative Job Offers Impersonating Crypto.com *

Optus Suffers a Breach Leading to Release of 10,200 Customer Records *

NullMixer Malware Distributed via Malicious Websites Mimicking Cracked Software *

Hackers Distributing Graphite Malware Using New Code Execution Technique *

New Info-stealing Malware Erbium Target Popular Video Games Via Fake Cracks and Cheats *

Tibetan Entities Targeted by Chinese Hacker using New LOWZERO Backdoor *

WhatsApp Patched 2 Major Zero-Day Bugs that Affect Both iOS and Android Versions *

Researchers Found 'Scylla' Ad-fraud Campaign on Google Play Store and Apple Store *

An Attack Targeting Universities, Telcos, and ISPs is Discovered by Researchers *

Android Users Targeted with Info-stealing Malware Via Fake Indian Banking Rewards Apps *

Several npm Packages Published by Crypto Exchanges have been Compromised *

Microsoft Patched Spoofing Vulnerability in Microsoft Endpoint Configuration Manager *

Microsoft SQL Servers Targeted in New TargetCompany Ransomware Attacks *

A New RCE Firewall Bug Exploited by Attackers in Sophos Firewall; Hotfix Available *

A Worldwide Outage Affects YouTube Live Streams *

GitHub Users Targeted with New Phishing Campaign *

Threat Actors Actively Exploiting Critical Magento Vulnerability *

Threat Actor Hacked Microsoft Exchange Servers to Spread Phishing Campaign *

CISA adds Critical ManageEngine RCE Bug to its Known Exploited Vulnerabilities Catalog *

Threat Actors Using LinkedIn Smart Links to Evade Detection in Phishing Campaign *

Over 39,000 Unauthenticated Redis Servers are Exposed to the Internet *

CISA Warns of Multiple Vulnerabilities Detected in the Dataprobe's Power Distribution Units *

15-year Old Python Vulnerability Affects more than 350,000 Open-source Repositories *

Oracle Addressed a Critical Vulnerability in its Cloud Infrastructure *

Hackers Steal $162 Million Worth of Digital Assets from Crypto Trading Firm Wintermute *

Attackers Hacked 2K Game's Support Platform to Infect Players with Malware *

Security Company Imperva Stopped a Long-lasting 25.3 Billion Request DDoS Attack *

Hive Ransomware Claimed Responsibility for Cyberattack on New York Racing Association *

Attack on Financial Technology Company Revolut Exposes 50,000 Users' Data *

Microsoft and VMware Alert on Chromeloader Malware Campaign *

U.S. Government Agencies Targeted with Better-Crafted Lures in Phishing Attacks *

American Airlines Suffered a Data Breach Exposing Employee and Customer Data *

Uber Accuses Contractor for Breach, Claims Lapsus$ Threat Group Behind the Cyberattack *

LastPass's Development Systems were Accessed for Four Days in a Data Breach *

Hacker Claims to have Stolen GTA 5 and 6 Source Code and Assets *

Security Researchers Found New Attacks of Notorious Hacking Group TeamTNT *

North Korean Attackers Targeted Media Companies with Malicious PuTTY SSH Client *

BlackCat and Quantum Ransomware Groups Using Emotet Malware to Deploy Payloads *

A Ransomware Attack Results in a Data Breach at New York Ambulance Service *

A Hacker Sells the Personal Information of 219,000 Starbucks Customers in Singapore *

Organizations Must Patch Stuxnet Vulnerabilities, Says CISA *

Uber's Internal Systems Breached Exposing Vulnerabilities Reports *

Threat Actors Distributing New Malware Bundle via YouTube *

Akamai Mitigates Another Record-Breaking DDoS Attack in Europe *

Hive Ransomware Takes Responsibility for the Attack Against Bell Technical Solutions *

Phishing Campaign Targeting Greek Taxpayers to Steal Victims' Passwords *

Scammers Using Queen’s Death to Steal Users' Microsoft Credentials in Phishing Attacks *

Lenovo Addressed Several BIOS Vulnerabilities in September 2022 Security Updates *

FBI Warns on Hackers Targeting Healthcare Payment Processors *

Hackers Target Nuclear and Genome Researchers Via Multi-Persona Impersonation Phishing Technique *

Hackers Compromise Software Provider Magento's in a Supply Chain Attack *

Cyber Espionage Attacks Targeting Asian Governments and Organizations *

WPGateway Zero-Day Vulnerability Actively Exploited in the Wild *

Apex One RCE Vulnerability is Actively Exploited, Warns Trend Micro *

Microsoft Patch Tuesday Security Advisory - September 2022 *

Lorenz Ransomware Gang Exploiting Mitel MiVoice VOIP Appliance Vulnerability *

Hacktivist Gang GhostSec Claims Responsibility for Compromising 55 Berghof PLCs in Israel *

Researchers Discovered New Android Banking Trojan 'Zanubis' Targeting Peru Banks *

Steam Community User Accounts are being Stolen Via New Browser-in-the-Browser Attacks *

Apple Addressed Actively Exploited Zero-Day Vulnerability in its Security Updates *

American Rental Company U-Haul Confirms Data Breach, Exposed Customers' Driving License Information *

Ransomware Developers Adopting a New Encryption Technique to Evade Detection *

Six High-Severity HP Firmware Vulnerabilities Left Unpatched For Over a Year *

Admins are Urged to Patch a High-Severity Vulnerability in ConnectWise Automate Tool *

The Lampion Malware Abusing File Sharing Service WeTransfer in Phishing Attacks *

Albania Hit by Another Cyberattack, Blamed on Iran *

5 Million Attacks Blocked Targeting Zero-Day in BackupBuddy WordPress Plugin *

Bumblebee Malware Now Using New Stealthy Infection Technique *

New Attack Technique GIFShell Used to Create Reverse Shell Using Microsoft Teams GIFs *

North Korean APT Group Lazarus Targets U.S. Energy Sector *

Iranian Threat Group DEV-0270 Abusing BitLocker Feature to Encrypt Windows Systems *

The Armed Forces General Staff Agency of Portugal Suffers a Cyberattack *

Threat Actors Found Utilizing PowerShell Empire After Initial Compromise *

New Moisha Ransomware Actively Targeting Several Organizations *

Attackers Hacked 200,000 The North Face Accounts in Credential Stuffing Attack *

Threat Group APT42 Distributing a Custom Android Spyware via SMS Phishing Campaigns *

Cisco Refuses to Patch Zero-Day Vulnerability in EoL Routers *

HP Patches a High Severity Flaw in its Support Assistant Tool *

New Linux Malware Shikitega Evade Detection Via Multi-Stage Deployment *

Ransomware Attack Hits Second Largest U.S. School District Los Angeles Unified *

Mirai Variant Moobot Botnet Targeting Vulnerable D-Link Routers *

InterContinental Hotels Group Hit by Cyberattack Disrupts IT Systems *

Zyxel Addressed a New Critical RCE Vulnerability in NAS Firmware Security Updates *

Ransomware Attackers Abusing Genshin Impact Game's Anti-Cheat Driver to Kill Antivirus *

EvilProxy Phishing Toolkit Allows Hackers to Steal Authentication Tokens to Bypass MFA *

TikTok Denies Security Breach Claims, Stating the Leaked Data is Unrelated *

QNAP Fixes a Photo Station Zero-Day Vulnerability Leveraged in Deadbolt Ransomware Attacks *

Italy’s Energy Sector Hit by BlackCat Ransomware Group *

NFL's San Francisco 49ers Confirms Data Breach; Information of 20K People Stolen *

French Clothing Store, Damart Hit by Hive Ransomware; $2 Million Ransom Demanded *

The SharkBot Malware Strikes Back to Steal Login Credentials *

Threat Actors Stole Victim Data with Prynt Stealer's Backdoor *

Internal Revenue Service Accidentally Leaked Personal Information of 120,000 Taxpayers *

Google Chrome Emergency Update Patches New Zero-Day Vulnerability *

Samsung Suffers Data Breach; Users Personal Data Leaked *

Chilean Government Agency Hit by a New Ransomware Attack *

New Instagram Phishing Campaign Targets Thousands of Accounts Via Blue-Badge Offer *

Over 1,000 iOS Applications Detected Exposing AWS Credentials *

Famous Social Media Platform Twitter Suffers Outage, Thousands of Users Reported Connection Problems *

Ragnar Locker Ransomware Gang Claims Cyberattack Against TAP Air Portugal Airline *

Malicious Google Chrome Web Browser Extensions were Downloaded by 1.4 Million Users *

A TikTok Android App Vulnerability Enable Hackers to Hijack Accounts *

New Bug in Google Chrome Lets Websites Write to Clipboard Without User Approval *

Apple Fixed an Actively Exploited iOS Zero-Day Vulnerability in Older iPhone Models *

Microsoft Azure Outage Knocks Ubuntu Virtual Machines Offline Globally *

Russian Streaming Platform START Discloses Data Breach *

Threat Actors Hide Malware in the Images of the James Webb Telescope *

Chinese Threat Actors Actively Targeting Australian Government Via ScanBox Malware *

New Golang-based 'Agenda' Ransomware Targeting Healthcare and Education Entities *

Vodafone Idea Denies Data Breach Exposing Call Data of 20 Million Customers *

Baker & Taylor the Largest Library Solution Distribution Firm Hit by Ransomware Attack *

2.5 Million U.S Students Loan Accounts Details Exposed in Nelnet Data Breach *

Akasa Air's Data Breach Exposes Passengers' Personal Information *

Russian Attackers Employing New Malware to Hijack ADFS *

Iranian Hackers Leveraging Log4j 2 Vulnerabilities in Attacks Against Israeli Entities *

CISA Added 10 New Actively Exploited Vulnerabilities to its Catalog *

Threat Actors Exfiltrated LastPass Source Code Using a Compromised Developer Account *

The DoorDash Service Reveals a New Data Breach Linked to Twilio Hack *

Threat Actors Using the Fake "Cthulhu World" P2E Project to Spread Malware that Steals Data *

A Critical RCE Vulnerability Discovered in Atlassian Bitbucket Server *

A Database Leak in India Exposed Federal Police and Banking Records *

Researchers Identified that Over 130 Entities Hit by Okta Phishing Attack *

Canadian Manufacturing Company Bombardier Recreational Products (BRP) Hit by Cyberattack *

Phishing Campaign Targets PyPI Maintainers Leading to Hijacking of PyPI Packages *

Cisco Fixes Two High Severity Vulnerabilities Affecting its Nexus-Series Business Switches *

Mozilla Fixes Several Vulnerabilities in Firefox and Thunderbird Products *

New Evil PLC Attack Weaponizes PLCs to Hack OT and Enterprise Networks *

Researchers Found New BEC Campaign Using MITM Attack to Monitor Microsoft 365 Accounts *

Plex Alerts Users to Reset Passwords After Detecting a Data Breach *

IBM Fixes High-Severity Vulnerabilities in its MQ Messaging Middleware *

Dominican Republic's Government Agency Suffers Quantum Ransomware Attack *

Researchers Reveal 8-Year-Old Vulnerability DirtyCred Found in Linux Kernel *

Google Researchers Identified Iranian Hackers Using a New Tool to Steal Victims’ Email Data *

France Hospital Hit by a Ransomware Attack Demanded $10 Million Dollar Ransom *

Attackers Targeted Hotel and Travel Firms Via Phishing Campaigns *

Greek Natural Gas Operator DESFA Hit by Cyberattack *

GitLab Patches a Critical RCE Vulnerability Impacting its Community and Enterprise Edition *

Researchers Find RTLS Systems Vulnerable to MiTM Attacks and Location Tampering *

Scammers used Compromised PayPal Account to send Phishing Invoice Mail to PayPal Users *

Novant Health Disclosed Data Breach; Impacts 1.3 Million Patient Records *

Researchers Discovered New 'Escanor' Malware Weaponized in Microsoft Office and Adobe PDF Documents *

Grandoreiro Banking Malware Spotted Targeting Spanish and Mexican Manufacturer Employees *

CISA Warned About a Critical SAP Vulnerability Exploited in the Wild *

Researchers Detected 241 NPM and Python Packages Drop Cryptominers on Linux Systems *

Attackers Infecting Vulnerable WordPress Websites to Deliver RAT and Trojan Malware *

FBI Alert: Attackers Using Proxy and Configurations in Credential Stuffing Attacks *

Attackers Compromised General Bytes Bitcoin ATM Servers Using a Zero-Day Flaw *

Chinese APT41 Group Targeted 13 Entities Worldwide in 2021 *

Amazon Fixes a High-Severity Flaw in its Ring Application *

Cozy Bear Attackers Actively Targeting Microsoft 365 Users *

Researchers Describe Evasive DarkTortilla Crypter Used to Deliver Malware *

Threat Actors Employing Bumblebee Malware Loader to Compromise Active Directory *

Cisco Fixes a High Severity Vulnerability in Secure Web Appliance *

Google Blocked the Largest HTTPS DDoS Attack of All Time *

A New MailChimp Data Breach Exposing DigitalOcean Customers' Email Addresses *

North Korean Attackers Infecting Job Seekers with macOS Malware *

Malicious Browser Extensions Downloaded by More than 7 Million People Since 2020 *

Google Released Security Update to Address a Zero-Day Flaw in Chrome Browser *

Apple Patches Two Actively Exploited Vulnerabilities in iPhone, iPad, and macOS Security Updates *

Clop Ransomware Gang Breaches UK Water Supply Company But Misattributes the Victim *

BharatPay Suffers Data Breach Exposing 37,000 Users’ Personal and Transaction Details Online *

Hacker Loots 20,000 Items Worth $6 Million from CS:GO Trading Site *

Researchers Detected AEPIC Leak and SQUIP Bugs in Intel and AMD Processors *

Twilio Data Breach Exposed Phone Numbers of 1,900 Signal Users *

Behavioral Health Group Notifies Customers of Data Breach Affecting 198K Patients *

Malicious PyPi Packages Targeting Counter-Strike Servers with DDOS Attacks *

Argentina's Judiciary of Cordoba Suffers Play Ransomware Attack *

Security Researchers Disclosed a Security Flaw in Microsoft Signed UEFI Boot Loaders *

A New SOVA Malware Variant Now Encrypts Android Files *

Realtek eCos SDK Vulnerability Expose Multiple Routers to Remote Attacks *

CISA and FBI Alerts on Zeppelin Ransomware Attacks *

VLC Media Player Banned in India, Website and Download Link Blocked *

A Malicious MiMi Chat App Drops New Backdoor rshell on Mac, Linux Systems *

Researchers Detected Security Flaws in Xiaomi Smartphones Powered by MediaTek Chips *

Scammers Abusing Google Sites and Microsoft Azure Web App to Steal Cryptocurrency Wallets *

Zimbra Authentication Bypass Vulnerability Actively Exploited to Breach Over 1000 Email Servers *

Security Researchers Identified Critical Bugs in Device42 IT Asset Management Platform *

A Threat Actor Employs a New RAT Malware in Cuba Ransomware Operation *

Cisco Confirms Yanluowang Ransomware Group Breached its Network in May,2022 *

Cybersecurity Firm Detects Vulnerabilities in Indian Insurance Company Policybazaar *

Cisco Patched a Vulnerability which Allowed to Steal RSA Private Keys on ASA, FTD Devices *

Microsoft Linked Service Outage to Cisco Meraki Firewall's IDR False Positive Alert *

Palo Alto Networks Fixed a Security Vulnerability Detected in PAN-OS Firewall Configuration *

IBM Fixes Several Vulnerabilities in Cloud, Voice, Other Security Products *

CheckPoint Researchers Discovered Ten Malicious Python Packages Steal Developer's Credentials *

CISA Alerts Administrators on Windows and UnRAR Vulnerabilities Exploited in the Wild *

Cloudflare Also Hit by Threat Actors Responsible for Twilio Data Breach *

New Android Spyware 'Dracarys' is Distributed via Fake Signal Messaging App *

Microsoft Patch Tuesday Security Advisory - August 2022 *

Chinese Attackers Employed a New Malware to Backdoor Government and Defense Organizations *

Cloud Communications Company Twilio Discloses a Data Breach *

New Orchard Botnet Utilized Bitcoin Founder’s Account Information to Create Malicious Domains *

Email Marketing Firm Klaviyo Suffers a Data Breach *

Multinational Retail Company 7-Eleven Suffers a Cyberattack Forced to Close All Stores in Denmark *

Threat Actors Abused Hostinger’s Preview Domain Feature in Phishing Attacks *

F5 Addressed 21 Vulnerabilities in its Quarterly Security Updates *

North Korean Attackers Impersonating World's Largest Cryptocurrency Firm Coinbase to Target Fintech Industry *

Hackers Abused Snapchat and American Express Websites in Phishing Attacks *

A New Ransomware 'GwisinLocker' Encrypts Vulnerable ESXi Servers *

Slack Resets Users Passwords After a Bug Exposed Hashed Passwords *

Akamai Reports Largest Ever DDoS Attack, with 659.6 Million Packets per Second *

Cyberattack on UK Managed Service Provider Causes NHS Outage *

A Zero-Day Bug Exposes 5.4 Million Twitter Accounts *

The Association of German Chambers of Industry and Commerce (DIHK) Hit by a Cyberattack *

Over 280 Million Indian Citizens' Sensitive Data Exposed Online *

CISA Urges Users to Patch Vulnerable Zimbra Email Suites *

Community Healthcare "First Choice" Impacted by a Data Breach *

New Phishing Campaign Targeting Microsoft Email Services to Launch BEC Attacks *

Researchers Detected a Critical Vulnerability Affects 29 Models of DrayTek Vigor Routers *

Vulnerability in WordPress's Download Manager Plugin Hosted on Over 100,000 Sites has been Fixed *

Researchers Detected a New 'ParseThru' Flaw Impacts Golang-Based Applications *

NVIDIA fixed several Security Flaws in GeForce Security Update *

Google Addressed Multiple Security Vulnerabilities in Chrome Browser Updates *

Cisco Patches Critical Security Vulnerabilities in its VPN Routers *

CERT-In Identifies High Severity Vulnerabilities in Mac, iPhone, iPad, ChromeOS and Firefox Browser *

Attackers Stolen Wiseasy’s Employee Passwords to Access Nearly 140,000 Wiseasy Payment Terminals *

VMware Fixed a Critical Authentication Bypass Vulnerability Affecting its Multiple Products *

Taiwanese Websites Suffers DDoS Attacks Ahead of House Speaker Nancy Pelosi's Visit *

Google Released its Android OS Security Bulletin August 2022 *

A Major German Semiconductor Manufacturer Semikron Suffers Ransomware Attack *

Vulnerable GitHub Actions Workflow Allows Command Execution *

Over 3,200 Apps Leak Twitter API Keys Allow Hackers to Hijack Users' Twitter Accounts *

Security Researchers Detected a Directory Traversal Arbitrary File Deletion Flaw in CompleteFTP Software *

Cybersecurity Firm Halborn Warns of New MetaMask Phishing Campaign *

Microsoft Notifies About Outlook Crashing When Reading Uber Receipt Mails *

European Natural Gas Pipeline Operator 'Creos Luxembourg' Hit by BlackCat Ransomware Attack *

Subzero Malware Exploiting Windows and Adobe Vulnerabilities *

North Korean Threat Actor Deploying Malicious Browser Extensions to Spy on Email Accounts *

A Security Researcher Detected XSS Bugs in Google Cloud, DevSite, and Google Play *

LockBit Ransomware Hackers Abusing Windows Defender to Side-Load Cobalt Strike *

Researchers Discovered Giant Network of 11,000 Fake Investment Sites Targeting Europe *

OneTouchPoint Suffers a Data Breach Affecting 30 Healthcare Entities *

Android Adware Apps are being promoted by Facebook Ads *

Federal Communications Commission warned Americans about increasing Smishing Attacks *

Malicious Android Apps are Dropping Banking Malware on User Devices via Google Play Store *

LibreOffice addresses Multiple Security Vulnerabilities *

Microsoft 365 Suffers an Outage Impacting North American Admin Center *

Threat Actors Using Hacked Microsoft SQL Servers as Proxies to Steal Bandwidth *

Hackers Stealing Discord Users’ Payment Card Info Using Malicious npm Packages *

Cloud Services Have Been Disabled by a Kansas MSP to Fend Off Cyberattack *

Hackers Exploiting Nuki Smart Lock Vulnerabilities to Open Doors *

New ‘Robin Banks’ Phishing Service Targeting Customers of Financial Organizations *

Threat Actors Hacking Microsoft Exchange Servers with IIS Backdoors *

New Phishing Campaign ‘Ducktail' Aimed at Professionals on LinkedIn *

Hackers Employ Malware and Adware to Infect 28 Google Play Store Apps *

Threat Actors Hack Blockchain Music Platform 'Audius'; $6 million Stolen *

Hackers Employing WebAssembly-Coded Cryptominers to Avoid Detection *

New Version of Amadey Malware Distributed in SmokeLoader Campaign Via Software Cracks *

Hackers Leveraging GoMet Backdoor to Target an Ukrainian Software Company *

FileWave MDM Vulnerabilities Expose 1,000 Organizations to Remote Attacks *

Researchers Found CosmicStrand UEFI Malware in Gigabyte and ASUS Motherboards *

A Zero-Day Vulnerability in PrestaShop is Being Actively Exploited to Steal Customer's Payment Information *

Policybazaar Confirms a Network Breach in its IT Systems *

Atlassian Fixed Critical Bug Enables Hackers to login Unpatched Confluence and Data Center Servers *

Attackers Using DLL Side-Loading Technique to Drop QBot Malware on User Systems *

Zyxel Releases Security Patches to Fix Vulnerabilities in its Firewall Products *

Fraudsters Targeting Punjab State Power Corporation Limited (PSPCL) Consumers in New Online Scam *

A Threat Actor 'Devil' claimed to have stolen Account Data of 5.4 million Twitter Users *

Russian Attackers Breach Ukrainian Media Company TAVR Media to Spread Fake News About President Volodymyr Zelenskiy *

Konni RAT Malware is Used by North Korean Hackers to Attack European Nations *

SonicWall Immediately Patches a Critical SQL Injection Vulnerability *

Hackers Employing New ‘Lightning Framework’ Linux Malware to Install Backdoors and Rootkits *

Hackers Leveraged High-Severity Google Chrome Bug to Infect Journalists *

Cryptomining Group '8220 Gang' targeting Linux and Cloud Application Vulnerabilities *

Rouge ‘YouTube’ Google Advertisement Redirect Users to Windows Support Scams *

Oracle Addresses 349 New Security Vulnerabilities in its July 2022 Critical Patch Update *

Apple Addressed Multiple Security Vulnerabilities in its All Devices *

A New CloudMensis Spyware Targeting Apple macOS Users *

A New Cryptocurrency Scam Swindle Users Via Fake Nvidia Giveaway *

Russian SVR Attackers Employing Google Drive Cloud Services to Evade Detection *

Belgium Claims Chinese Threat Groups Targeting its Ministry of Defense and Interior Ministries *

Attackers Steal 50,000 Payment Card Details from 300 U.S. Restaurants in Web-Skimming Campaigns *

German-Based Giant Building Materials Producer Knauf Hit by Black Basta Ransomware Attack *

FBI Alerts of Fraudulent Cryptocurrency Apps used to trick U.S. Investors *

Flipkart owned Cleartrip Suffers Data Breach *

Albania Government Hit by a Massive Cyberattack Forced to Shut Down Websites and Online Services *

Windows Network File System Vulnerability Leads to Arbitrary Code Execution *

The Infamous Pegasus Spyware Infected Thailand Pro-Democracy Activists' Smartphones *

Threat Actors Comproised Popular Premint NFT Website and Stolen Nearly $375k Worth of NFTs *

Israel's Health Ministry Website Hit by a Cyberattack Prevented Access to Users from Abroad *

Microsoft 365 Service Outage Impacts Outlook and Exchange Online *

The Qakbot Trojan Malware Increased its Infection Rate with New Techniques *

Juniper Fixes Critical Vulnerabilities in Junos OS and Contrail Networking Products *

Attackers Spoofing GitHub Commit Metadata to Mask Malicious GitHub Repositories *

Colorado Springs Utilities Issued Warning to Customers After Identifying a Data Breach *

Researchers Detected a New Netwrix Auditor Flaw which Enables Hackers to Compromise Active Directory Environment *

Researchers Disclose Use-after-free Condition in Google Chrome WebGPU *

Threat Actors Using Digium Phone Software To Actively Exploit VoIP Servers *

Threat Actors Actively Exploiting Modern WPBakery Page Builder Addons Vulnerability *

Threat Actors Targeting Industrial Operators Using Trojan Horse Malware and Password Cracking Ecosystem *

DDoS Attacks by the Mantis Botnet Hit Hundreds of Cloudflare Users *

Microsoft Attributed Holy Ghost Ransomware Operation to North Korean Attackers *

Pakistani Hackers Targeting Indian Students in a New Spear-Phishing Email Campaign *

Hackers Targeting PayPal Users Using Phishing Kit Installed on Hacked WordPress Sites *

Nation-State Hacking Groups Targeting Journalists in Espionage and Malware Campaign *

New Retbleed Speculative Execution Attacks Impacts Intel and AMD Processors *

Famous Social Media Site, Twitter Suffers Outage; Prevented Users from Posting Tweets *

SAP Fixed Multiple Security Vulnerabilities in its July 2022 Security Patch Day *

Lenovo Fixes Three UEFI Firmware Security Flaws Impacting more than 70 Product Models *

Bandai Namco Confirmed the Cyberattack and Investigating Data Leak *

Lithuanian Energy Company 'Ignitis Group' Hit by DDOS Attack *

Researcher Detected a New Android Malware 'Autolycos' on Google Play Store, Downloaded 3 Million Times *

Uniswap Lost $8 Million Worth of Ethereum Crypto in Large-Scale Phishing Attack *

Microsoft Uncovered the Exploit Code for macOS Sandbox Escape Vulnerability *

New Data Extortion Group 'Luna Moth' Breaching Organizations Via Fake Subscription Renewals *

Microsoft Detected AiTM Phishing Campaign Targeting Over 10,000 Entities Since 2021 *

Malaysia and Indonesia Hackers Launch Cyber War Against Indian Entities Due to Nupur Sharma's Controversial Comments *

The New York Department of Motor Vehicles (DMV) Warned of Smishing Attacks *

Siemens and Schneider Electric Addressed Several Flaws in its ICS Products *

VMware Fixes Eight-Month-Old High Severity Vulnerability in vCenter Server *

CISA Urges Federal Agencies to patch the new Windows High-Severity Vulnerability *

Adobe Fixes Critical Vulnerabilities in its Acrobat, Reader, Photoshop Products *

Microsoft Patch Tuesday Security Advisory - July 2022 *

North Korean Hackers Stole $620 Million from Axie Infinity in Spear-Phishing Attack *

India’s Central Public Works Department (CPWD) Experiencing Targeted Cyberattacks Across its Offices *

Scammers Started Phishing Campaign Targeting Amazon Prime Day-Shoppers *

Attackers Leveraging Azure VMs and GitHub Actions for Cloud-Based Cryptocurrency Mining *

A Rolling-PWN Vulnerability Enables Attackers to Start Honda Vehicle Remotely *

Hackers Disguise as Cybersecurity Companies to Trick Victims into Installing Malware *

Attackers Compromised Goa’s Water Resource Department (WRD) Server and Demanded Cryptocurrency as Ransom *

New 0mega Ransomware Gang Targeting Organizations in Double-Extortion Attacks *

A New Phishing Campaign Leveraging Follina Vulnerability to Deploy Rozena Backdoor *

Hackers Targeting Russian Users by Employing a Malicious Browser Extension *

Cisco Fixes a Critical Vulnerability in its Enterprise Communication Solutions *

Fortinet Addressed Several Security Vulnerabilities in its Multiple Products *

Mangatoon Data Breach Exposed 23 Million Accounts Information *

Microsoft Patched a Flaw Crashing Office Apps While Opening with Cloud Documents *

A Canadian Communications Firm Rogers Suffers Massive Outage Affecting Mobile Service *

New Stealthy OrBit Malware Harvesting Information from Linux Systems *

Hackers Sending Fake Copyright Complaint Emails to Deploy IcedID Banking Malware *

Hackers can Exploit Online Programming Learning Websites to Launch Remote Cyberattacks *

CuteBoi Threat Group Deploys Over 1,200 NPM Malicious Packages in Large-Scale Cryptomining Campaign *

Checkmate Ransomware Attacks Targeting QNAP NAS Devices Exposed to Internet *

Hacking and Ransomware Groups Switch from Cobalt Strike to Brute Ratel Post-Exploitation Toolkit *

Bitter APT Threat Group Still Targeting Bangladesh Military Entities *

Federal Agencies Alerted on Maui Ransomware Attacks Targeting Healthcare Entities *

OpenSSL Patches a High Severity Vulnerability in Cryptographic Library *

North American Giant IT Service Provider 'SHI' Hit by a Potential Malware Attack *

Marriott Hotels Suffers a Data Breach that Exposed 20 GB of Guests Information *

USA Professional Finance Company Suffers Data Breach Affecting Patients of 650 Healthcare Providers *

Microsoft Silently Patches the ShadowCoerce Windows NTLM Relay Vulnerability *

NPM Supply Chain Attack Employed Typosquatting Technique to Launch Supply Chain Attack *

New RedAlert Ransomware Gang Targeting Windows and Linux VMware ESXi Servers *

UK Army's YouTube and Twitter Account Hacked to Promote Crypto Scams *

Google Patches An Actively Exploited New Chrome Zero-Day Vulnerability *

Django Patches A High Severity SQL Injection Vulnerability in its New Release *

One Billion Chinese Citizens' Stolen Data is Being Sold by Hackers for Bitcoins *

Jenkins Revealed Several Zero-Day Vulnerabilities in its Multiple Plugins *

Several Flaws in Brocade SANnav Storage Area Network (SAN) Affects Multiple Major Entities *

Evilnum APT Group Makes Comeback with Updated TTPs, Targeting Fintech Entities *

Microsoft Warns of Raspberry Robin Worm Infecting Hundreds of Windows Networks Via Infected USB Drives *

A Cyberattack Over Geographical Solutions Inc. (GSI) Disrupted Unemployment Services Across the United States *

Hackers Sent Fake Suspension Notices to Verified Twitter Accounts *

Google Alerts Users about Slice Payments App which Steals Photos, Audio Records, and Call Histories *

RCE Exploit Discovered in Zoho Manage Engine AD Audit Plus Bug *

A XFiles Info-Stealing Malware Now Leveraging Follina Vulnerability in Cyberattacks *

Toll Fraud Malware Targets Android Devices by Automatically Subscribing to Premium Services *

NFT Giant OpenSea Reports Data Breach and Warned Users of Phishing Attacks *

Macmillan Publishers Suffers a Ransomware Attack; Forced to Shut Down Network *

Norway's Government Websites Suffers Multiple DDoS Attacks *

Attackers Employing New Stealthy Malware to Backdoor Microsoft Exchange Servers Worldwide *

A New Info-Stealer 'YTStealer' Targets YouTube Content Creators to Steal Authentication Tokens *

MITRE Published Top 25 Most Dangerous Software Bugs List of 2022 *

Walmart Denies Yanluowang Ransomware Attack *

CISA Urged Administrators to Patch High-Severity Linux PwnKit Vulnerability *

Microsoft Patches Azure FabricScape Vulnerability Enable Hackers to Hijack Vulnerable Linux Clusters *

Amazon Patches High Severity Security Flaw in its Android Photos Application *

A Famous Raccoon Stealer Malware Returned With New Malicious Capabilities *

Researchers Found Over 900,000 Internet-Exposed Kubernetes Instances Vulnerable to Data-Exposing Cyberattacks *

Hackers Reused Same Compromised Account Credentials of Zola Website to Gain Access to User Accounts *

Threat Actors Installing New 'ZuoRAT' Malware on Unpatched SOHO Routers *

Microsoft Released Windows 10 KB5014666 Cumulative Update Include Several Bugs Fixes and New Printing Features *

American Famous Semiconductor Company AMD Investigating RansomHouse Data Theft Claims *

Unknown Threat Actor Installed Credit Card Skimmers on Bank of the West's ATMs *

A New Android Banking Malware 'Revive' Masquerades BBVA Bank’s 2FA Application *

Chinese APT Group Compromising Building Automation Systems by Leveraging Microsoft ProxyLogon Vulnerability *

The National Institute of Standards and Technology (NIST) Issues New Guidance on Securing macOS Systems *

A Cyberattack Hit Iran’s Major Steel Companies and Forced to Stop Factory Production *

The Vice Society Ransomware Group Claims Responsibility of Attack on Medical University of Innsbruck *

A New Phishing Technique Uses Microsoft WebView2 Apps to Bypass Multi-Factor Authentication *

LockBit Ransomware Gang Infecting Users Via Fake Copyright Violation Emails *

U.S. Federal Trade Commission Warns on Extortionists Targeting LGBTQ+ Community *

Microsoft Downplays High Severity Vulnerabilities in Edge Web Browser, Affecting Over 150 Million Users *

Fast Shop, a Brazilian Retailer, Disclosed a Cyberattack Involving Extortion *

Cybercriminals leveraging Mitel Zero Day to Launch Suspected Ransomware Attack *

Malicious PyPi Python Packages Sending stolen AWS keys to Unsecured Websites *

A Japan Based Automotive Fabrics Distributor TB Kawashima Confirmed on a Cyberattack *

ISGEC Heavy Engineering Limited data is Encrypted by Hackers and They Demand Bitcoin to Decrypt It *

Automotive Hose Maker Nichirin's USA Based Subsidiary Suffers Ransomware Attack *

CISA Warns on Threat Actors Leveraging Log4Shell Vulnerability to Hack VMware Servers *

New Quantum Builder Enable Attackers to Easily Launch Malicious Windows 'LNK' Attacks *

A New Phishing Campaign Targeting Microsoft 365 Users to Steal MetaMask Recovery Phrases *

Vulnerable QNAP NAS Devices are Targeted by DeadBolt Ransomware Attacks *

Italian Spyware Vendor Infects Android and iOS Users with help of Internet Service Providers *

SMA Technologies’ Critical OpCon UNIX Agent Vulnerability Receives A Patch *

Chinese Hacking Group Disguising Cyber Espionage Operation as Ransomware Attacks *

Lithuanian NCSC Warned of an Increase in DDoS Attacks on Government Websites *

Google Fixed 14 Vulnerabilities with the release of Chrome 103 Version *

Chinese Hackers Distributing 'Nimbda' Loader Bundled in 'SMS Bomber' Tool to Install Info-Stealer Trojan Payload *

MEGA Patches Several Critical Vulnerabilities in Encryption Algorithm *

Cloudflare Suffers Massive Outage Caused by Network Configuration Error *

Icefall 56 Vulnerabilities are affecting Operational Technology Devices used in Various Industries *

New APT Group ToddyCat Targets Microsoft Exchange Servers *

Yodel Parcel Company Suffers Cyberattack Disrupting Delivery Services *

Microsoft 365 Service Outage Impacts Microsoft Exchange Online and Teams *

A New Phishing Campaign Steals Microsoft 365 Credentials Via Fake Voicemails *

New DFSCoerce NTLM Relay Attack Enables Attackers to Take Control Over Windows Domain *

RobertHalf, Global HR Firm Warns Users About Credential Stuffing Attack *

Android Banking Trojan BRATA Now Evolving Into Advance Persistence Threat *

A New Surge in ECh0raix Ransomware Attacks Detected Targeting QNAP NAS Devices *

Hackers Dropping Malicious Cobalt Strike Beacons in a New Phishing Campaign *

Cisco Confirmed on not Patching RCE Flaw in Obsolete VPN Routers *

A New 'MaliBot' Android Banking Malware Distributing as Crypto-Mining or Chrome Browser Application *

Researchers Identified Dozen of Flaws in Industrial Network Management System of Siemens *

The United States Department of Justice Dismantled Russian RSocks Botnet Infrastructure *

A Vulnerability in Cisco Appliances Allows Hackers to Bypass Authentication *

WordPress Force-Updated Ninja Forms Plugin Patch on Millions of Websites *

Chinese Hackers Exploited Sophos Firewall Zero-day Bug Weeks Before Official Patch Release *

Africa's Largest Supermarket 'Shoprite Holdings' Hit by Ransomware Attack *

Citrix Fixed Critical ADM Vulnerability in its Security Updates *

New Peer-to-Peer Panchan Botnet Compromised Several Linux Servers in Education Sector *

Public Travis CI API Logs Exposed Thousands of GitHub, AWS, Docker Tokens *

A New Side-Channel Attack 'Hertzbleed' Affects Intel and AMD Processors *

Cloudflare Detects and Mitigates Largest HTTPS DDoS Attack *

Microsoft Fixed Actively Exploited Windows MSDT Zero-Day Vulnerability in its June 2022 Security Updates *

ALPHV Ransomware Group Created a New Technique for Extortion *

Unknown Threat Group Hacked Over 500 Indian Websites, Demanding an Apology to Muslims All Over the World *

Android Adware and Info-stealing Malware Downloaded Over Two Million Times on Google Play Store *

Nonprofit Health Care Company Kaiser Permanente Confirms on Data Breach, Affected Over 69,000 Individuals *

Microsoft Patch Tuesday Security Advisory - June 2022 *

Gallium Hackers Targeting Financial and Government Organizations Using New 'PingPull' Malware *

Attackers Deploying BlackCat Ransomware on Compromised Microsoft Exchange Servers *

Threat Actors Employing a New Linux Rootkit Malware ‘Syslogk’ in Cyberattacks *

A Stealthy Linux Malware 'Symbiote' Targeting Latin American Financial Entities *

Malicious PyPI Package ‘keep’ Contains Password Stealer Due to Typographical Error *

Hello XD Ransomware Group Now Dropping a Backdoor While Encrypting Systems *

New PACMAN Hardware Attack can Bypass Pointer Authentication (PAC) in Mac Systems *

AvosLocker and Cerber2021 Ransomware Gang Actively Targeting Unpatched Atlassian Confluence Servers *

Google Fixed Several Security Vulnerabilities in Chrome Browser Updates *

Iranian Hackers Use DNS Backdoor to Attack Energy Sector *

Hackers Distributing New Info-Stealer Malware Via Pirated CCleaner Pro Software *

Several Botnets Now Exploiting Critical Atlassian Confluence RCE Vulnerability to Deploy Cryptominers *

Researchers Identified a New Chinese-Linked APT Group Spying on Organizations for 10 Years *

The New Advanced Malware 'Symbiote' Infects All Linux Processes and Steal Account Credentials *

Threat Actors Compromised US Online Gun Shops to Steal Customers' Credit Card Details *

Emotet Malware is Now Harvesting Credit Card Information from Google Chrome Browser *

Medical Service Provider 'Shields Health Care Group' Suffers a Data Breach, Exposed Over 2,000,000 People Data *

Google Fixed Several Critical Android Flaws in June 2022 Security Updates *

Hackers Abused Facebook Messenger in Large-Scale Phishing Campaign to Steal Victims' Credentials *

Two Critical U-Boot Vulnerabilities Disclosed in Linux-Based Embedded Systems *

Black Basta Ransomware Strikes Vulnerable VMware ESXi Servers *

Threat Actors Deploying New Malware 'SVCReady' Via Phishing Campaigns *

Chinese Govt Hackers Compromise US Telecommunication Companies to Snoop on Network Traffic *

Black Basta Ransomware Group Employing QBot Malware in their Operations *

Italian City of Palermo Hit by Cyberattack, Impacting Wide Range of Operations and Services *

The LockBit Ransomware Group Claims to Infiltrate Mandiant Company's Network *

Hackers Actively Exploiting Critical Windows Zero-day Vulnerability in a Phishing Campaign *

Sensitive Data of Pharmaceutical Giant 'Novartis' Exposed in a Recent Cyberattack *

WatchDog Hacker Group Mining Crytpocurency in a Newly Launched Cryptojacking Campaign *

The Android Malware 'SMSFactory' Discreetly Subscribes Users to Premium Services *

Hackers Stolen NFTs From the Bored Ape Yacht Club Via Yuga Lab's Discord Server Hack *

GitLab Patches a Critical Account Takeover Vulnerability in its Enterprise Edition *

Malware Controlling Thousands of Sites in the Parrot TDS Network Identified by Researchers *

Chinese Threat Group LuoYu Using WinDealer Malware in Man on the Side Attacks *

Foxconn's Mexico-Based Manufacturing Unit Hit by Ransomware Attack *

Microsoft Suspended Malicious OneDrive Applications Used in Polonium's Attacks *

A New Clipminer Malware Brought its Operators $1.7 Million Via Transaction Hijacking *

Hackers Actively Exploiting New Atlassian Confluence Zero-Day Vulnerability in the Wild *

Attackers Targeted Hundreds of Unsecured Elasticsearch Databases in Ransom Attack *

SideWinder APT Group Creates Fake Android VPN App on Official Google Play Store *

RuneScape-Themed Phishing Campaign Steals Users' Account Details and In-Game Item Bank PIN *

A Zero-Day Vulnerability in Windows Microsoft Office Receives Free Unofficial Patch *

Researchers Found Over 3.6 Million MySQL Servers are Exposed to Public *

Costa Rica’s Public Health Service Network Hit by Hive Ransomware Attack *

Attackers can Hijack WhatsApp Accounts Using Call Forwarding Method *

Chinese APT Hackers Actively Exploiting New Microsoft Office RCE Vulnerability in the Wild *

A New XLoader Botnet Variant Hides its C2 Servers Using Probability Method *

Zoom Released Security Patches to Fix Four Critical Vulnerabilities in its Video Conferencing App *

Cisco Researchers Discovered Several Flaws in Open Automation Software Platform *

Hackers Leveraging a New Microsoft Office Zero-Day Flaw to Run PowerShell Commands *

Austrian Federal State Carinthia Hit by BlackCat Ransomware Gang *

Attackers Employing a New WSL-Based Malware to Steal Web Browser Cookies *

EnemyBot Malware Includes New Exploits for Critical Web Servers, Content Management Systems Vulnerabilities *

FBI: Attackers Marketing Network Access Credentials for U.S. Education Institutions in Hacking Forums *

Security Researchers Released Proof-of-Concept (PoC) Exploit for Critical VMware Flaw *

Microsoft Detected Multiple Security Vulnerabilities in Android Applications *

Threat Actors Stole Around 100,000 NPM User Account Credentials in GitHub OAuth Breach *

Zyxel Fixed Multiple Security Vulnerabilities in its Products *

Windows 11 KB5014019 Patch Affects Trend Micro UMH Driver, Breaking Ransomware Protection *

Scammers Impersonating QuickBooks Support Team in Phishing Attack *

Threat Actor Leveraging Stealthy BPFDoor Malware to Infect Linux and Solaris Systems *

Microsoft Shared Guidelines to Mitigate KrbRelayUp LPE Attacks on Windows Systems *

New Linux-Based Ransomware 'Cheers' Targeting Vulnerable VMware ESXi Servers *

Researchers Detected a Rise in ChromeLoader Malware Infection Rate, Targeting Windows and Mac Systems *

Developers Warned Users to Stop Using Tails 5.0 Linux Distributions Until Next Release *

Popular Python and PHP libraries Compromised to Steal Users' Amazon AWS Keys and Credentials *

Russian Government Agencies Targeted by Fake Windows Updates Campaign *

Researchers Discovered a New Chaos Ransomware Variant *

Trend Micro Fixed a DLL Hijacking Vulnerability in its Security Solution *

Mozilla Fixed Zero-Day Vulnerabilities in its Multiple Products *

Indian Airline SpiceJet Suffers Ransomware Attack, Impacted Flight Departures *

Hackers Targeted Security Researchers with Fake Windows PoC Exploits *

US Car Manufacturer General Motors (GM) Suffers Credential Stuffing Attack, Exposed its Customers Information *

Chinese Twisted Panda APT Group Targets Russian’s Defense Institutes in Espionage Attacks *

A New Unpatched Vulnerability in PayPal Allows Hackers to Steal Money From PayPal Users *

Microsoft Store App Issues are Fixed with Emergency Updates for Windows 10 *

Russian IoT Botnet Fronton Used to Launch Social Media Disinformation Campaigns *

Chicago Public Schools Suffers Massive Data Breach After Ransomware Attack *

Predator Spyware Actively Infecting Android Users in Zero-day Attacks *

Hackers Employing PDF Documents to Drop Snake Keylogger Malware *

Threat Actors Promoting New Cryptocurrency Scam Using Fake Elon Musk YouTube Videos *

Cisco Addressed a Zero-Day Vulnerability in IOS XR Router Software *

Vidar Malware is Distributed via Fake Windows 11 Downloads *

Malicious PyPI Package Drops Backdoors Targets Windows, Linux, and Mac OS *

North Korean Lazarus Hacking Group Leveraging Log4J Vulnerability to Infect VMware Servers *

QNAP Warned Customers on New DeadBolt Ransomware Attack *

Media Giant Nikkei’s Singapore Unit Suffers Ransomware Attack *

Microsoft Detects a Massive Rise in XorDDoS Malware Activity Targeting Linux Devices *

Most Sophisticated BlackCat Ransomware (ALPHV) Gang Targeting Various Organizations *

NVIDIA Addressed Ten Flaws in the Windows GPU Display Drivers *

Microsoft Warns About Brute-Force Attacks Targeting MSSQL Database Servers *

VMware Fixed Critical Vulnerabilities in its Multiple Products *

WordPress Fixed Critical Vulnerabilities in Jupiter Theme and JupiterX Core Plugins *

Over 200 Apps Found Distributing Facestealer Spyware Via Google Play Store *

Millions of Attacks Exploiting Vulnerable WordPress Tatsu Builder Plugin *

Multiple Third-Party Web Trackers Steal User's Entered Data Before Submitting *

CISA Alerts on Actively Exploited Spring And Zyxel Vulnerabilities *

A Custom PowerShell RAT Targeting German Users Looking for Ukraine Crisis Information *

Apple Patches a Zero-Day Vulnerability in its MacOS and Watch Devices *

Manufacturing Firm Parker-Hannifin Discloses Data Breach Post Ransomware Attack *

HTML Attachments Still Used in Phishing Emails as it Avoids Detection *

Sophos Fixes BSODs Flaw in Antivirus Driver Triggered After Windows KB5013943 Update *

CISA Warns May Windows Updates on Domain Controllers *

Fake Pixelmon NFT Site Infect Users with Password-Stealing Malware *

Attackers Promoted Fake Binance NFT Mystery Box Bots on YouTube to Install RedLine Malware *

SonicWall Patches New Vulnerabilities in its SSLVPN SMA1000 Devices *

Pro-Russian Hackers DDoS Italian Govt Sites Via “Slow HTTP” Technique *

Sysrv Botnet Variant is Now Exploiting New Vulnerabilities to Deploy Cryptomining Malware *

Massive WordPress JavaScript Injection Campaign Redirecting Visitors to Malicious Sites *

Zyxel Pacthes Critical Vulnerability in its Firewall Products *

Cobalt Mirage Attackers Using BitLocker and DiskCryptor in Ransomware Attacks *

A Stealthy BPFdoor Backdoor Targeting Linux and Solaris Systems *

FBI and CISA Warns on Supply Chain Attacks Targeting MSPs *

Bitter Hacking Group Targeting Bangladesh Government Entities via Spear-Phishing Campaigns *

HP Patches High-Severity BIOS Vulnerabilities Enabling Kernel Privileges *

Hackers Deploy a New Post-Exploitation Framework IceApple on Microsoft Exchange Servers *

Attackers Spreading Another Set of Malicious Apps Through Google Play Store *

Researchers Alerts on DCRat Backdoor Being Sold on Russian Hacking Forums *

Costa Rica Declares National Emergency Following Cyberattacks from Conti Ransomware Group *

Scammers Distributing Jester Stealer Malware in Phishing Attacks *

Microsoft Patches an Actively Exploited Windows LSA Spoofing Zero-Day Flaw *

Hackers Employing Critical F5 BIG-IP Vulnerability in Destructive Attacks *

FluBot Android Malware Aims at Finland in a New SMS Phishing Campaign *

German Automotive Industry Targeted by a Month-Long Malware Campaign *

Microsoft Patch Tuesday Security Advisory - May 2022 *

Microsoft Patches a Flaw in Azure Synapse and Azure Data Factory Pipelines *

QNAP has Fixed a Critical Vulnerability Affecting Remote Command Execution in QVR *

New Windows Worm Spreading Through Infected USB Drives *

US Agricultural Machinery Company 'AGCO' Suffers Ransomware Attack *

Google Docs Crashes at the Sight “And. And. And. And. And.” *

Attackers Hijacked Ferrari's Subdomain to Host Fake NFT Scam *

New NetDooka Malware Framework Distributed via PrivateLoader Malware Distribution Service *

Unsecured ElasticSearch Server Instance Exposed Thousands of Borrower's Data *

New Chinese Threat Group Moshen Dragon Targeting Asian Telecommunication Entities *

Security Researchers Disclose Years-Old Bugs in Avast and AVG Antivirus Solution *

Google Patches an Actively Exploited Linux Kernel Flaw in its Android Security Updates *

North Korean Hacker Group 'APT38' Linked to New Ransomware Strains *

Threat Actors Targeting Microsoft Logins from Compromised UK NHS Email Accounts *

Cisco Patches NFVIS Vulnerabilities Enabling Access to Root Privileges *

F5 Alerts Users on Critical BIG-IP RCE Vulnerability Allowing Device Takeover *

Hackers Targeting Pixiv, DeviantArt Artists to Push an Info-stealer Malware *

Pro-Ukraine Hackers Actively Exploiting Docker Images to DDoS Russian Sites *

Threat Actors Distributing Magniber Ransomware in a Fake Windows 10 Upgrade Campaign *

Over Millions of Routers and IoT Devices are Vulnerable to Unpatched DNS Vulnerability *

Aruba and Avaya Network Switches Highly Vulnerable to "TLStorm 2.0" Vulnerabilities *

Threat Actors Abusing Google’s SMTP Relay Service to Distribute Phishing Emails *

Car Rental Giant Sixt Hit by Cyberattack, Disrupting its Operations *

Threat Actors Employing Bumblebee Malware Instead of BazarLoader Malware in Cyberattacks *

Attackers Targeting Ukraine Websites from Compromised WordPress Sites in DDoS Attacks *

Synology Alerts Customers on Critical Netatalk Bugs, Affecting its Several Products *

Russian Threat Group Targeted Romanian Government Sites with DDoS Attack *

Austin Peay State University Suffers Ransomware Attack *

A YouTuber Encouraging Followers to Perform DDoS Attacks Against Russia *

Popular Social Media App Whatsapp Suffers Outage, Users Reported Connection Issues *

A NPM Flaw Enable Attackers to Add Other Developers to their Malicious Packages *

Microsoft Fixed Critical Vulnerabilities in Azure Database for PostgreSQL Flexible Server *

The RIG Exploit Kit Leverages an Internet Explorer Flaw to Spread RedLine Malware *

Chinese-Linked Threat Group 'Mustang Panda' Now Targeting Russian State Officers *

Threat Group Hive0117 Targeting Eastern European Organizations in Phishing Campaign *

QNAP Warned Customers to Disable AFP Until Critical Bugs Fixed *

Microsoft Disclosed a New 'Nimbuspwn' Vulnerability in Linux Operating System *

Threat Actors Actively Exploiting Critical VMware RCE Vulnerability to Deploy Backdoors *

Threat Actors Actively Spreading Emotet Malware Via Windows Shortcut Files *

Multinational Beverage Corporation Coca-Cola Suffers a Network Breach *

American Dental Associations Sensitive Data Stolen by Black Basta Ransomware *

North Korean APT Group Targeting Journalists with Malware 'Goldbackdoor' *

French Hospital Group Suffers Cyberattack; Administrative and Patient Data Exposed *

A Critical Flaw in Ever Surf Wallet Enable Attackers to Steal Victim's Cryptocurrencies *

Atlassian Patched Critical Authentication Bypass Flaw in Jira Seraph *

Hackers Slipping 'More Eggs' Malware Into Resumes Sent to Corporate Hiring Managers *

A Critical Flaw in Cisco Umbrella’s Default SSH Key Enabled Credential Theft *

UPI Suffers Outage, Social Media Flooded with Payment Failure Complaints *

T-Mobile Confirms Lapsus$ Threat Group Breached its Internal Network *

Several Critical Flaws Disclosed in SmartPTT and SmartICS Industrial Products *

QNAP Urges Users To Mitigate Critical Apache HTTP Server Flaws *

LemonDuck and TeamTNT Hacking Docker Servers in Cryptomining Malware Campaigns *

A Critical Android Chipset Vulnerability Enables Attackers to Access User's Media Files *

New BotenaGo Botnet Variant Targeting Lilin Security Camera DVR Devices *

Amazon Web Services Patches Container Escape in Log4Shell Hotfix *

Russian Threat Group Employing New Pteredo Variants to Infect Targeted Ukrainian Entities *

Hive Ransomware Group Targeting Vulnerable Microsoft Exchange Servers *

Emotet Botnet Increased its Infection Rate in March 2022 *

CISA Warns About an Actively Exploited Windows Print Spooler Vulnerability *

QNAP Warned Customers to Secure NAS Devices from Cyberattacks *

Lenovo Disclosed UEFI Firmware Driver Vulnerabilities, Affecting Over 100 Laptop Models *

Israelian NSO Group Leveraging New iOS Flaw to Drop Spyware on iPhone Devices *

CISA Issues a Warning Regarding a North Korean Hacking Group Targeting Cryptocurrency Industries *

A Threat Actor Stole $655,388 in Cryptocurrency from Apple's iCloud *

Hackers Using Fake Windows 11 Upgrade Campaign to Infect Users *

Decentralized Finance Project Beanstalk Lost $182 Million in Flash-loan Attack *

Cisco Patches a Critical Authentication Bypass Vulnerability in its WLC Software *

'JekyllBot:5' Bugs Enable Hackers to Compromise Aethon TUG Hospital Robots *

Hackers Accessed Several GitHub's Private Repositories Using Stolen OAuth Tokens *

Scammers Targeting T-Mobile Customers in SMS Phishing Attacks *

A Vulnerability in Rarible NFT Marketplace Let Attackers Steal Users' Crypto Assets *

Wind Turbine Manufacturer 'Nordex' Suffers Conti Ransomware Attack *

Oil India Limited (OIL) Suffers Ransomware Attack *

Threat Actors Targeting Ukrainian Government Entities with IcedID Malware and Zimbra Exploits *

'OldGremlin' Ransomware Group Returns with New Malware Targeting Russian Entities *

CISA Warns About an Actively Exploited Windows Local Privilege Escalation Vulnerability *

Google Fixes An Actively Exploited Vulnerability in its Chrome Browser *

Malware Campaigns Targeting African Bank Employees with RemcosRAT Malware *

Russian Hackers Employ the Industroyer2 Malware to Attack Ukraine Power Grid *

Federal Agencies Issues a Joint Advisory on APT Groups Targeting ICS/SCADA Devices *

Hackers Actively Exploiting An Already Patched Critical VMware Vulnerability *

WordPress Developers Patches a Critical Flaw in Elementor Plugin *

A New Malware Tarrask Hides Scheduled Tasks Using Windows Vulnerability *

HP Patches Critical Bugs Impacting 15 Million Endpoints in Teradici PCoIP Software *

Hashnode Blogging Platform Reported to Have Critical LFI Vulnerability *

Microsoft Patch Tuesday Security Advisory - April 2022 *

Italian Luxury Fashion House 'Ermenegildo Zegna' Confirms Ransomware Attack *

Threat Actors Leveraging Spring4Shell Exploits to Install Mirai Malware *

American Manufacturing Company 'Snap-on' Suffers a Data Breach *

Researchers Issue Alert About Information-Stealing Malwares FFDroider & Lightning *

Qbot Operators Now Distributing Malware via MSI Windows Installer Packages *

The Android Banking Trojan Mimics Bank Customer Service Calls *

Atlassian's Ongoing Outage Might Extend Another Two Weeks *

Threat Actors Distributing a New META Malware in Spam Campaigns *

Chinese Threat Actors Actively Targeting Indian Power Grid Organizations *

New Octo Malware Let Attackers Take Control of Android Devices Remotely *

A New Traffic Direction System 'Parrot' Infects 16,500 Sites to Deploy Malware *

New Malware 'Denonia' Targets Serverless AWS Lambda with Cryptominers *

Hackers Harvesting Data Via Malicious Android Apps with Million of Downloads *

Threat Actors Using New 'FFDroider' Malware to Steal Social Media Accounts *

An Ongoing Atlassian Outage Affects Jira and Confluence Customers *

OpenSSL Infinite Loop Vulnerability Affects Palo Alto Networks Firewalls and VPNs *

Scammers Using Malicious Shopping Apps to Steal Bank Credentials of Malaysian Customers *

UK Retail Chain The Works Hit by Cyberattack *

VMware Patches Critical Vulnerabilities in its Multiple Products *

CISA Issues an Alert Relating the Active Exploitation of a Critical Spring4Shell Vulnerability *

Researchers Link Chinese Threat Group 'Cicada' to Widespread Espionage Attacks *

Hackers Breach Email Marketing Company 'Mailchimp' to Conduct Phishing Attacks *

FIN7 Hacking Group Employing Stolen Credentials and Software Supply Chain Attacks *

Several Hacking Groups Capitalizing on Russia-Ukraine War To Distribute Malware *

Threat Actors Marketing New Sophisticated Malware on Russian Hacking Forums *

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave Routers *

New RAT Malware 'Borat' Appears on Hacking Forums, Offering Several Features *

Brokenwire Hack Could Let Attackers Disrupt Charging for Electric Vehicles Remotely *

VMware Fixes Critical Spring4Shell RCE Vulnerability in its Multiple Products *

A 15 Year Old Bug in Pear PHP Repository could Lead to Supply Chain Attack *

Trend Micro Patches Actively Exploited Vulnerability in its Apex Central Product *

Threat Actors Employ New Android Spyware to Harvest Sensitive User Data *

American Express Suffers Massive Outage, Affects Payment Services *

Threat Actors Abusing Microsoft Azure Static Web Pages in Phishing Attacks *

Hackers Using Fake Trezor Data Breach Emails to Harvest Users Cryptocurrency Assets *

CISA Warns Federal Civilian Agencies to Patch Critical Sophos Firewall Vulnerability *

Critical GitLab Vulnerability Enables Hackers to Take Over User Accounts *

Palo Alto Networks Error Leaks Customer Support Cases, Attachments *

Apple Patches Two Zero-Days in its iPhones, iPads, and Macs Devices *

Zyxel Patches Critical Authentication Bypass Vulnerability in its Firewall and VPN Products *

Vulnerable Wyze Cam Devices Allow Hackers to View Video Feeds *

Chinese Hackers Installing New 'Fire Chili' Rootkit on Vulnerable VMware Horizon Servers *

Viasat Confirmed Satellite Modems were Compromised with AcidRain Malware *

Developers Release a Fix for a Zero-Day Vulnerability in Spring Java Framework *

A New Zero-Day Vulnerability in Spring Java Framework Allows Remote Code Execution *

A Severe OpenSSL Bug Affects the Majority of QNAP NAS Devices *

Globant, an IT and software Firm, Suffers a Data Breach; 70GB of Data is Stolen *

Viasat's KA-SAT Satellite Service Suffers From Cyberattack *

A New Spear-phishing Campaign Targets Russian Govt Dissidents with Cobalt Strike *

Russian Phishing Attacks Target NATO, and European Military Forces *

FBI Warns Election Officials of Credential Phishing Campaigns *

Transparent Tribe Hackers Targeting Indian Government Officials Via Modified MFA Tool *

Mars Stealer Malware Spreads Through OpenOffice Ads on Google *

New Malware 'Verblecon' Infects Hacked PCs with Cryptocurrency Miners *

CISA Wans of Attacks on Internet-connected UPS Devices *

Shutterfly Discloses Data Breach Post Suffering Conti Ransomware Attack *

Threat Actors Using Infected WordPress Sites to Launch DDoS Attacks *

Remote Keyless System of Honda Vehicles Vulnerable to Replay Attacks *

Threat Actors Targeting Vulnerable Microsoft Exchange Servers Via Reply Chain Hijacking Attacks *

'Purple Fox' Hackers Actively Using New Variant of FatalRAT in Recent Malware Attacks *

Muhstik Botnet Targeting Redis Servers Recently Disclosed Vulnerability Via Recently Disclosed Vulnerability *

An Emergency Google Chrome Update Fixes Zero-Day Flaw Used In Attacks *

A Critical Vulnerability in Sophos Firewall Enables Remote Code Execution *

Chinese Hacking Group 'Scarab' Spotted Targeting Ukraine Amid Russia Invasion *

Threat Actors Distributing a Vidar Infostealer Via Malicious Email Attachments *

Hackers Targeting Azure Developers Via Over 200 Malicious NPM Packages *

Social Engineering Attacks Compromise Morgan Stanley Client Accounts *

Western Digital Updates My Cloud OS To Patch Critical Vulnerability *

Threat Actors Distribute a New Version of JSS Loader RAT Via Malicious Microsoft Excel Add-ins *

North Korean Hackers Actively Exploiting Recently Patched Chrome Zero-day Flaw *

VMware Releases Patches For Carbon Black App Control Flaws *

New WPS Office Flaws Give Hackers Access To Betting Firms *

China-Linked Threat Actor 'Mustang Panda' Targets European Diplomats and ISPs *

Thousands of MikroTik Routers Abused in Glupteba, TrickBot Campaigns *

Microsoft Confirms the Hack by LAPSUS$ Extortion Group, 37GB of Source Code Leaked *

New Dell BIOS Flaws Affect Millions of Inspiron, Vostro, XPS, Alienware Systems *

Several HP Printer Models Vulnerable to Remote Code Execution Attacks *

Greece's Public Postal Service ' ELTA' Suffers Ransomware Attack *

Researchers Expose Custom macOS Malware of Chinese Hackers *

A New Crypto Scam Dubbed 'CryptoRom' Abusing iPhone Features to Target Mobile Users *

New Backdoor 'Serpent' Targets French Entities via Open-Source Package Installer *

Hackers Targeting Bank Networks with New Rootkit to Compromise ATM Machines *

Threat Actors Spreading BitRAT Malware as Windows 10 License Activator *

Hackers Impersonating Legit Domains by Using New Browser-in-the Browser (BITB) Attack *

Opatch Releases an Unofficial Patch For Windows Zero-Day Flaw Giving Admin Rights *

Hackers Infecting Android Users Via Password Stealing Malware 'FaceStealer' *

Internet Systems Consortium (ISC) Patches High-severity Bugs in BIND Server *

A New Variant of Cyclops Blink Botnet Actively Targeting ASUS Routers *

Europe Warns of Aircraft GPS Outages Linked To Russian Invasion *

Unsecured Microsoft SQL and MySQL Servers are Targeted by Gh0stCringe Malware *

SolarWinds Warns Against Attacks Aimed at Web Help Desk Instances *

Over Hundreds of GoDaddy-Hosted Sites Were Backdoored In One Single Day *

CISA Added 15 Known Vulnerabilities Exploited in Attacks *

OpenSSL Patches a High-Severity DoS Vulnerability *

Hackers Employing Log4j Exploits to Infect Linux Machines *

A Massive Phishing Campaign Employs 500+ Domains to Steal Credentials *

Giant Automotive Manufacturer DENSO Suffers Data Breach *

QNAP Alerted on Linux 'Dirty Pipe' Vulnerability, Affecting its NAS Devices *

Threat Actors Employed CaddyWiper Data Wiping Malware in Ukraine Attacks *

New Linux Vulnerability Allows Hackers to Elevate Privileges *

Researchers found New Evidence linking Kwampirs Operators to Shamoon Malware *

Bridgstone Americas Suffers Data Breach Post Ransomware Attack *

Vulnerable Package Managers let Attackers to Infect Developers' Systems *

Giant Video Game Developer Ubisoft Disclosed a Cyberattack, Services Disrupted *

New Variant of Aberebot Trojan Harvest Users' Google Authenticator MFA Codes *

Attackers Using YouTube Platform to Infect Video Games Players with Malware *

Threat Actors Using Custom-made Hacking Tools in Cyberattacks *

Emotet Botnet Employing Over 100,000 Bots to Carryout Cyberattacks *

Iranian Threat Group Targeting Turkey and Arabian Peninsula in Malware Attack *

Threat Actors Employing Mitel Devices to Launch DDoS Reflection Attacks *

Russian Federal Agencies' Websites Compromised in a Supply Chain Attack *

CISA Updated Conti Ransomware Alert with 100 Domains used in Cyberattacks *

Chinese Threat Actors Targeting European Diplomatic Entities in Phishing Attacks *

Scammers Impersonating Government Officials and Law Enforcement in Fraud Scams *

Coinbase Blocks Over 25,000 Blockchain Addresses Linked to Russian Individuals *

A New Linux Vulnerability Enable Hackers to Gain Root Access on Vulnerable Systems *

Microsoft Fixes a Critical Azure Bug Exposing Other Customers Data *

Romania's Rompetrol Gas Station Network Suffers Hive Ransomware Attack *

Ukraine's Computer Emergency Response Team Warns of New Phishing Attacks *

TerraMaster Patches Critical Vulnerabilities in its Network-attached Storage (NAS) Devices *

Researchers Identify SharkBot Malware Disguised as an Android Antivirus on Google Play Store *

Threat Actors Using Stolen NVIDIA's Code-signing Certificates in Cyberattacks *

Russian Government Shares a List of IP Addresses DDoSing Russian Organizations *

Vulnerable Linux Kernel Versions Enable Hackers to Execute Arbitrary Commands *

New Security Bug Affects Thousands of Self-Managed GitLab Instances *

Mozilla's Security Updates address two critical zero-day vulnerabilities in Firefox *

'Lapsus$' Hacking Group Allegedly Leaks Samsung Electronics Confidential Data *

Cisco Issue Patches for Expressway Series, TelePresence VCS Products *

Researchers Propose New Side-Channel Attack on Homomorphic Encryption *

New York State Office of the Attorney General Warns Users Impacted by T-Mobile Data Breach *

Over 71,000 NVIDIA Employees Credentials Compromised as a Result Of a Data Breach *

Researchers Disclose a Malware Campaign Impersonating VC Firm Using Phishing Emails *

Developers Address Critical Security Flaws in Famous Multimedia Library PJSIP *

Researchers Disclose Critical Security Vulnerabilities in VoIPmonitor Monitoring Software *

Threat Actors Leveraging Log4Shell Vulnerabilities to Launch DDoS and Cryptomining Attacks *

Belarusian Nation-state Threat Group Actively Targeting European Government Entities *

TrickBot Operators Updates its AnchorDNS Backdoor to AnchorMail *

Threat Actors Abusing Google Ads to Push Hundreds of eBike Phishing Sites *

China-linked Daxin Malware Actively Targeting Several Governments Infra in Espionage Attacks *

TeaBot Malware Resurfaces on Google Play as a QR Code Scanner App *

Insurance Giant 'AON' Suffered Cyberattack Over the Weekend *

Second New Malware 'IsaacWiper' Targets Ukraine Amid Russian Invasion *

Automobile Giant 'Toyota' Halts Production Amid Cyberattack on Supplier *

Video Surveillance Giant 'Axis Communications' Suffers Massive Network Breach *

Threat Actors Abusing Content Filtering Devices in DDoS Amplification Attacks *

An Infostealer Malware 'Jester Stealer' Updated with New Malicious Capabilities *

Threat Actors Using Ransomware as Decoy in Ukraine Cyberattacks *

Android Visual Voice Mail App Vulnerability Let Attackers to Steal User Passwords *

NHS Urges Users to Patch Okta Advanced Server Client RCE Vulnerability *

American Multinational Technology Corporation 'Nvidia' Hit by Cyberattack *

Targeted Citibank Customers Suffer Phishing Attack with Fake Suspension Alerts *

Threat Group 'UNC2596' Exploiting Microsoft Exchange Vulnerabilities to Install Ransomware Payload *

Hackers Using Microsoft Official Store to Deploy Malware on Victims' Systems *

Threat Actor Group 'APT27' Hit US Defense Contractors Using Stealthy SockDetour Backdoor *

Deadbolt Ransomware Operators Actively Targeting ASUSTOR NAS Devices *

Researchers Identify a New Destructive Wiper Malware Leveraged in Ukraine Attacks *

CISA Warns About an Actively Exploited Flaws in Zabbix Network Monitoring Platform *

Researchers Unveil New Malware 'Small Sieve' Used by MuddyWater Hackers *

Researchers Warn of New Russian Botnet Built from Hacked Firewall Devices *

25 Malicious JavaScript Libraries Enable Hackers to Steal Users' Discord Tokens and Environment Variables *

Threat Actors Employing Dridex Bots to Deploy Ransomware Payload on Infected Networks *

Chinese Researchers Uncover Details About Equation Group's Bvp47 Backdoor *

Researchers Disclose a 9-Year-Old Bug in Horde Webmail Software *

Massive DDoS Attacks Hit Ukrainian Government Agencies and Banks Once Again *

Researchers Disclose a New Phishing Technique Bypassing Multi-factor Authentication *

Chinese Threat Group 'APT10' Targeting Taiwan Entities in a Supply Chain Attack *

Hancom Office Software Vulnerable to Code Execution and Memory Corruption Attacks *

Fraudsters Stolen $1.7 Million Worth NFTs from OpenSea Users' in a Phishing Attack *

Threat Actors Actively Scanning Vulnerable MS SQL Servers to Deploy Cobalt Strike Beacons *

A New Android Banking Trojan Spotted on Google Play Store, Targeting Europeans *

American Logistics Company 'Expeditors International' Hit by Massive Cyberattack *

Giant Cookware Distributor 'Meyer Corporation' Suffers Data Breach Following Ransomware Attack *

Islamic Republic of Iran Broadcasting (IRIB) Hit by Cyberattack *

WordPress Force-Updating UpdraftPlus Plugin Patch on Million of Sites *

Iranian Threat Group Leveraging Log4j Vulnerabilities to Affect VMware Horizon Servers *

PseudoManuscrypt Botnet Followed CryptBot Techniques Since May 2021 *

Monzo Online Banking Users Targeted by New phishing Attack *

Popular E-cigarette Online Store was Compromised to load Credit Card Skimmer *

Adobe Updated its Security Advisory for Critical Vulnerability *

Cisco Patched high severity vulnerability Impacts Cisco Email Security Appliance *

Hackers Use Microsoft Teams Chats to Spread Malware *

Researchers Alerts on Golang-based Kraken Botnet Targeting Windows Systems *

Cyber Threat Group 'Moses Staff' Targeted Israeli Organizations *

Red Cross Claimed State-Sponsored Hacking Group Responsible for the Attack *

BEC Scammers Impersonating CEOs in Virtual Meetings *

Trickbot Malware Targeting Well-known Companies to Steal Users Credentials *

Researchers Disclosed a High-Severity Vulnerability in Apache Cassandra *

VMware Patched High Severity Vulnerabilities Affecting Several Products *

BlackCat Ransomware Group Claims Swissport Ransomware Attack *

Ukrainian Defense and Two Bank Sectors Hit By Massive DDOS Attack *

Threat Actors Employing Mylobot Malware to Send Cyberbulling Emails *

Researchers Attribute ShadowPad Malware Attacks to Chinese Threat Groups *

Japanese Sportswear Company Mizuno Hit by Ransomware Attack *

Moxa Patches 5 Critical Security Vulnerabilities in its MXview Software *

Ukraine Suffers from Ongoing Massive Hybrid Warfare *

NFL’s San Francisco 49ers Team Hit by Blackbyte Ransomware Attack *

Google Pushes a Chrome Update to Fix Zero-day in its Chrome Browser *

Adobe Fixed Critical Zero-day Vulnerability, Affects Adobe Commerce and Magento Users *

Croatian Mobile Network Operator 'A1 Hrvatska' Suffers Data Breach *

Researchers Identified New Sophisticated Rust-based Ransomware Attack *

CISA Added 16 New Flaws to its Known Exploited Vulnerabilities Catalog *

Threat Group ModifiedElephant Installed Fake Digital Evidence on Indian Activists *

Apple Patches an Actively Exploited Zero-Day Flaw in its Security Updates *

Threat Actor Group 'APT29' Targeted European Diplomats Via COVID-19-Themed Phishing Emails *

FritzFrog Botnet Infects 1500 Hosts Within a Span of One Month *

Researches Disclose Advanced Threat Group 'ModifiedElephant' Stealth Mode Operation Strategies *

Vulnerable 'PHP Everywhere' Plugin Pose High Risk for Thousands of WordPress Sites *

Iranian Threat Group Deploying Backdoor Dubbed Marlin in a New Espionage Campaign *

Hackers Infected Hundreds of Magento Sites in MageCart Attacks *

FBI Alerts Users of Increased SIM Swap Fraud Hijacking Victims Numbers *

Advance Threat Group Employing New Implant to Infect Middle East Entities *

Threat Actors Targeting European Android Users in Smishing Attacks *

Kimsuki Hacker Group Using Commodity RATs with Custom Gold Dragon Malware *

Google Patches Two Critical Bugs Via Android Security Updates for Feb 2022 *

Vulnerable Mimosa Wireless Broadband Products are Exposed to Remote Attacks *

SAP Patches Multiple Security Vulnerabilities in its February 2022 Security Patch Day *

Vodafone Portugal Hit by Massive Cyberattack *

Microsoft Patch Tuesday Security Advisory - February 2022 *

Politically Motivated Threat Group Targeting Indian Military and Diplomatic Resources *

Medusa Malware Targeting Android Users in Smishing Campaigns *

Leading Sportswear Manufacturer Puma Suffers Data Breach Following Ransomware Attack *

DPD Group's Parcel Tracking Flaw May Expose Customers' Personal Information *

Vulnerable Argo CD Exposes Sensitive Information from Kubernetes Apps *

American Media Giant News Corp Hit by Persistent Cyberattack *

Researchers Identified a New Ransomware-as-a-Service (RaaS) Operation in Cyberattacks *

Israeli Company QuaDream Abusing iPhone Security Vulnerability to Deploy Spyware *

Switzerland's Aviation Firm Swissport Hit by Ransomware Attack *

Chinese Threat Actors Actively Exploiting a Zimbra Zero-day Vulnerability to Steal Emails *

Cisco Patches Several Flaws Discovered in Small Business RV Series Routers *

Intuit Warns of Phishing Campaign Sending Fake Account Suspended Mails *

Antlion Hackers Targeting Financial and Manufacturing Institutes Using Custom Backdoor *

Threat Actor Group 'Moses Staff' Using New StrifeWater RAT in Ransomware Attacks *

UEFI Firmware Vulnerabilities Impact at least 25 Computer Vendors *

Threat Actors Using SEO Poisoning Technique to Install Malware Package *

New Malware Used by SolarWinds Hackers Went Undiscovered for Many Years *

Kenyon Produce (KP) Snacks Company Suffers Ransomware Attack *

Morley Companies Inc. Discloses a Data Breach Post Ransomware Attack *

ESET Patches High Severity Vulnerability Affecting its Multiple Products *

Threat Actor Group 'Charming Kitten' Using New PowerShell Backdoor in Cyber Espionage Attacks *

SolarMarker Malware Employing Novel Techniques to Persist on Hacked Systems *

Researchers Disclose New Iranian Hacking Campaign Targeting Turkish Users *

Researchers Found a New Oski Malware Variant Dubbed ' Mars Stealer' in Cyberattacks *

Phishing Scammers Employing Malicious CSV Files to Drop Malware *

German Petrol Supply Firm Oiltanking Severely Impacted by Cyber-attack *

British Council Suffers Data Leak, 144000 Records Exposed *

Gamaredon Threat Group Using New Malicious Files in Phishing Attack *

Samba Patched a Critical Vulnerability that Let Hackers Gain Root Access *

Hackers Abusing UPnP Routers to Perform Malicious Activities *

WordPress Addresses a Critical Vulnerability in a Plugin with Over a Million Downloads *

Russian Threat actors Employ Stealthy Malwares in Cyber Espionage Campaign Dubbed 'StellarParticle' *

Taiwanese Electronics Manufacturer, Delta Hit by Conti Ransomware *

Hackers Taking Over CEO accounts Using Rogue OAuth Apps *

Phishing Operators Using a Windows Update to Install Malware *

Researchers Discover Over 20,000 Vulnerable DCIM Systems Prone to Attacks *

Finnish Diplomats’ Mobiles Infected with Pegasus Spyware *

Patched Windows Vulnerability with New Public Exploits Lets Hackers Become Admin *

Linux Version of LockBit Ransomware Targeting VMware ESXi Servers *

Discord Suffers Major Outage Caused by API and Database Issues *

Chaes Banking Trojan Hijacking Chrome with Malicious Extensions *

New FluBot and TeaBot Campaigns Abusing Android Devices Worldwide *

Phishing Attack Impersonate Shipping Giant 'Maersk' to Deploy Malware *

A Video Game Company BANDAI NAMCO Shutdown Servers to Prevent Cyberattacks *

Apple Patches New Zero-day Exploited to Hack macOS, iOS Devices *

German Government Warns of APT27 Group Backdooring Business Networks *

Linux System Service Flaw Enables Root on all Major Distros *

DazzleSpy Malware Targets macOS Users in Watering Hole Attack *

Threat Actors Employing Compromised Accounts to Deliver Large-scale Phishing Emails *

Premium Subscription-Based Scam Targeting Android Users *

TrickBot Malware Operators Added New Techniques to Elude Detections *

Russian Threat Group Targeting Government and Defense Industries *

New DeadBolt Ransomware Targets QNAP Devices, Demands 50 BTC for Master Key *

Initial Access Broker Attack VMware Horizon Servers in Log4Shell Attacks *

Canadian Government Hit by Cyberattack, Few Services Disrupted *

Threat Actors Hacked Segway Store to Steal Customers' Credit Card Data *

Emotet Spam Campaign Using Unconventional IP Address to Evade Security Detections *

Phishing Campaign Employing Malicious PowerPoint Files to Push Malware *

Threat Actors Now Actively Targeting a Patched Critical SonicWall RCE Bug *

Two CWP Bugs Allow Code Execution as Root on Linux Servers *

Android Malware BRATA Strikes Back with Enhanced Features, Wipes Device After Stealing Data *

Hackers Encrypted Belarusian Railway's Internal Servers in Protest *

Researchers Identified a New UEFI Firmware Implant in Cyberattacks *

Hackers Backdoored Over 90 WordPress Themes, Plugins in Supply Chain Attack *

Researchers Uncover 2 Flaws in Zoom Software, Resulting in Zero-click Attack *

SonicWall Provides Temp Fix For Firewalls Stuck in Reboot Loop *

CISA Discloses New 17 Vulnerabilities Exploited in Attacks *

Threat Group Molerats Targeting Middle East in Cyberespionage Campaign *

McAfee Agent Update Fixes Two High-Severity Vulnerabilities *

F5 Patches 24 Vulnerabilities in its BIG-IP, BIG-IQ, and NGINX Controller API Products *

Dutch National Cybersecurity Centre Warns of Lingering Log4j Threats *

WordPress Plugin Flaw Puts Users of 20,000 Sites at Phishing and Code Injection Risk *

Several Spyware Campaigns Stealing Credentials in Industrial Firms *

DoNot Hacking Group Targeting Government and Military Entities in South Asia *

Indonesia's Central Bank Discloses Ransomware Attack, Conti Leaks Data *

Cisco Flaws Provide Remote Attackers Root Privileges via Debug Mode *

Red Cross Cyberattack Leaks Data of 515,000 Individuals *

SolarWinds Patches Serv-U Vulnerability Exploited for Log4j Attacks *

Russian Attackers Employing Subscription-based Malware Service to Deploy Malware *

Scammers Impersonating United States Department of Labor in Phishing Campaign *

A New Stealthy Malware Targeting Users' Cryptocurrency Wallets and Passwords *

Researchers Discloses a Critical Flaw in SAP NetWeaver AS ABAP and ABAP Platforms *

Critical Flaw in IDEMIA Biometric Identification Devices Enable Unauthorized Access *

Large-scale Phishing Campaign Targeting Renewable Energy Firms *

Researchers Link New White Rabbit Ransomware to FIN8 Hacking Group *

Earth Lusca Hackers Targeting High-Value Targets in Government and Private Sectors *

Microsoft Issues Emergency Patches for Windows Server, VPN Bugs *

Fashion Giant Moncler Discloses Data Breach Post Ransomware Attack *

Microsoft Warns of Fake Ransomware Targeting Ukraine in Data-wiping Attacks *

High-Severity CSRF Flaw in 3 WordPress Plugins Affected 84,000 Websites *

Nintendo Warns of Phony Sites Pushing Fake Switch Discounts *

eNom Data Center Migration Process Knocks Sites Offline *

Zoho Patches a Critical Security Flaw in Desktop Central *

An Undisclosed npm Dependency Flaw Affected Facebook's Create React App *

Vulnerable Apple Safari Browser Allows Hackers to Track User Activity *

Cybercriminals Abusing Public Cloud Infrastructure to Distribute Several RAT's *

Goodwill's E-commerce Platform 'ShopGoodwill' Suffers Data Breach *

Cisco Patches a Critical Bug Affecting Unified CCMP and Unified CCDM *

Qlocker Ransomware Returns to Target QNAP NAS Devices Globally *

Defense Contractor Hensoldt Discloses a Ransomware Attack *

Massive Cyber Attack Knocks Down Several Ukrainian Government Websites *

North Korean Hackers Stealing Millions from Cryptocurrency Startups Globally *

Financially Motivated Hacking Group Targeting Cryptocurrency Startups *

Threat Actors Compromised FIFA 22 Accounts Using Social Engineering Techniques *

AWS Patched Security Vulnerabilities that Exposed AWS Customers' Information *

Sentinel LABS Released an Unofficial Patch for Privilege Escalation Vulnerability, affecting all Windows Devices *

OceanLotus Threat Group is using Web Archive Files to Install Backdoors *

Magniber Ransomware Gang now Utilizing Signed APPX Files in Attacks *

Microsoft Patched Critical Flaw in Windows HTTP Protocol Stack *

Apple Fixed a Persistent Denial of Service (DoS) Flaw Dubbed 'doorLock' *

Ransomware Operators Leveraging Log4Shell Exploit to Infect VMware Horizon Systems *

Microsoft Patch Tuesday Security Advisory - January 2022 *

New SysJoker Backdoor Actively Targeting Windows, macOS, and Linux Users *

Threat Actors Deploying New RedLine Malware Via Fake Omicron Stat Counter App *

KCodes NetUSB Kernel Module Bug Affects Millions of Routers Globally *

CISA Warns Federal Agencies of Ancient Flaws Still Being Exploited *

Threat Actor Group 'Patchwork' Infecting Users with Ragnatela Malware *

Researchers Link 'Abcbot' Botnet Operation to Xanthe Cryptomining Botnet Operators *

Threat Actors Targeting Cybersecurity Researchers and Developers in Malware Campaign *

State Hackers Employ New PowerShell Backdoor in Log4j Attacks *

Vulnerable Open-Source NPM Libraries 'colors' and 'faker' Breaks Thousands of Apps *

Linux Version of AvosLocker Ransomware Encrypting VMware ESXi Servers *

Researchers Discovered Security Flaw like Log4Shell in H2 Database Console *

A New 'Night Sky' Ransomware Targeting Corporate Companies *

Microsoft Warns of Persistent Attacks Leveraging Apache Log4j Flaws *

Y2K22 Bug Hits SonicWall's Email Security, Firewall Products *

Hackers Employ BadUSB to Target Defense Firms with Ransomware *

NHS Warns of Unknown Hacker Group Exploiting Log4Shell in VMware Horizon *

FluBot Malware Operators Targeting Europe Posing as Flash Player App *

FinalSite Hit by a Ransomware Attack that Disrupted Thousands of Schools *

QNAP Warns of Attacks Targeted at Internet-exposed NAS Devices *

North Korean Hacker Group "Konni" Attacks Russian Foreign Ministry *

Credential Stuffing Attacks Impact 1.1 Million Users at 17 Companies *

US Online Pharmacy "Ravkoo" Suffers Data Breach Post AWS Portal Hack *

Hackers Abusing Google Docs Commenting Feature to Drop Malware *

FBI Warns of an Ongoing Google Voice Authentication Scams *

Microsoft Releases an Emergency Update to Address Windows Remote Desktop Issues *

Threat Actors Injecting Web Skimmer Code to Steal Sensitive Information *

U.S. Cellular Disclose Data Breach Post Billing System Hack *

Hospitality Chain McMenamins Suffers Data Breach Post Ransowmare Attack *

Apple iOS Vulnerable to Denial of Service Flaw "doorLock" *

Broward Health Company Discloses a Data Breach, 1.3 Million Individuals Affected *

Threat Actors Deploying Purple Fox Malware via Malicious Telegram Installers *

Microsoft Release a Temporary Fix to Address Exchange Server Flaw *

Kyoto University Loses 77TB of Research Data due to Backup Error *

Netgear Leaves Six High Severity Vulnerabilities Unpatched in Nighthawk Router *

PulseTV Discloses Data Breach of 200,000 Credit Cards *

Researcher Discloses a Security Flaw in Uber's Email System *

New iLOBleed Rootkit Wiping Data from Compromised HP Enterprise Servers *

AvosLocker Ransomware Group Releases Decryptor Post Breaching US Police *

Firmware Attack May Drop Persistent Malware in Hidden SSD Area *

Chinese APT Hackers Employ Log4Shell Flaw to Attack an Academic Institution *

Prominent Crypto Trading Platform, ONUS Suffers Ransomware Attack via Log4j Hack *

Storage Devices of Several Vendors Impacted by Encryption Software Bugs *

Norwegian Media Giant Amedia Suffers Disruption Due to Cyberattack *

Researchers Disclose New Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics *

Apache Releases Log4j 2.17.1 to Address a Remote Code Execution Bug *

RedLine Malware Stealing Passwords Saved in Chromium-based Web Browsers *

BlackTech Cyber-espionage APT Targeting Japanese Companies Using Flagpro Malware *

Threat Actors Attempted to Compromise LastPass Users Master Passwords *

Researchers Identify Infiltration of Riskware Apps on Samsung's Galaxy Store *

Threat Actors Actively Abusing MSBuild for Cobalt Strike Beacon Execution *

Photo Services Giant Shutterfly Hit by Conti Ransomware Attack *

ech0raix Ransomware Group Actively Scanning for Vulnerable QNAP NAS Devices *

Pirated 'Spiderman: No Way Home' Movie Torrent Delivers Crypto-Mining Malware *

Several Vulnerabilities in Garrett Metal Detectors Let Hackers to Alter Configurations *

Global IT Services Provider Inetum Suffers Ransomware Attack *

Android Banking Trojan Spreads via Bogus Google Play Store Page *

Blackmagic Patches Critical DaVinci Resolve Code Execution Flaws *

Dridex Operators Targeting Covid-19 Victims via Omicron Phishing Taunts *

Monongalia Health System Suffers Email Breach, Affecting 400,000 Individuals *

NVIDIA and HPE Patches Apache Log4j Library Vulnerabilities in its Products *

Researchers Disclose a New Variant of Babuk Ransomware *

New Dell BIOS Updates Results in Laptops and Desktops Boot Issues *

Apple Patches macOS Security Flaw Behind Gatekeeper Bypass *

Researchers Uncover New Phishing Campaign Aimed at CoinSpot Crypto Exchange *

Threat Actors Deploying Stealthy BLISTER Malware on Windows Devices *

Pro Wrestling Tees Discloses Data Breach, 31,000 Customers Info Compromised *

Apache Patches Two Severe Security Vulnerabilities in its HTTP Server *

Microsoft Azure App Service Bug Exposes Customers Source Code Repository *

CISA, FBI and NSA Releases Joint Advisory and Scanner for Log4j Vulnerabilities *

Chinese-speaking Espionage Group Targeting Government and Transportation Sectors *

Researchers Identify Stealthy Backdoors in Auerswald's COMpact 5500R PBX's Firmware *

All Mobile Phone Generations Since 2G Vulnerable to Newly Identified Mobile Network Vulnerabilities *

FBI: Threat Actors Actively Exploiting New Zoho Zero-Day Since October 2021 *

Over 820,000 Vulnerable WordPress sites are Exposed to Attacks *

PYSA Ransomware Group was Behind Major Attacks in November 2021 *

Scammers Impersonate Pharmaceutical company 'Pfizer' in Phishing Attacks *

Sony Life Insurance Employee Arrested for Stealing $154 Million Dollars *

Hackers Taking Over Vulnerable Windows Domains via Elevation of Privilege Vulnerabilities *

Researchers Suspect 'Cytrox' for Distributing 'Predator' Spyware on iPhones *

Cyber Criminals Infected U.S. Federal Agency's Network with Backdoor *

Malicious Android App Distributes New Joker Malware, Infected Over 500,000 Android Users *

Hackers Distributing New Stealthy DarkWatchman Malware through Phishing Emails *

Threat Actors Revived TellYouThePass Ransomware in Linux, and Windows Log4j Attacks *

Threat Actors Exploiting Log4j Vulnerability to Deploy Dridex Banking Malware *

Western Digital Urges Users to Upgrade their My Cloud Devices *

Logistics Firm "Hellmann" Warns Users of BEC Emails Post Ransomware Attack *

Threat Actors Infected Over 35,000 Computers in 2021 Using a New PseudoManuscrypt Malware *

Threat Actors Targeting Spider-Man Franchise Fans with Credit-Card Harvesting *

VMware Patches a Critical Flaw in Workspace ONE UEM *

Phorpiex Botnet Surfaces Again with a more Sophisticated Variant *

Khonsari Ransomware Group Targeting Self-Hosted Minecraft Servers *

Apache Issues a New Patch to Fix 3rd Log4j Vulnerability *

Researchers Suspect New Attack Vector Identified in Log4j Exploits may Expand the Attack Surface *

Iranian State-Sponsored Hacker Abused Slack API to Steal Asian Airline Data *

US Prominent Brewery and Hotel chain "McMenamins" Hit by a Conti Ransomware Attack *

Log4j Hackers Switch to Injecting Monero Miners via RMI *

Credit Card Skimmers Targeting Ecommerce Sector via Magecart Attacks *

DDoS Mitigation Service Provider "Cloudflare" Suffers Widespread Latency and Timeouts *

A New Espionage Campaign Targeting Telecom Organizations in Middle East and Asia *

Hackers Steal Microsoft Exchange Credentials Using Backdoor "Owowa " *

Threat Actors Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges *

Apple Releases an iOS Update for Remote Jailbreak Exploit *

PyPi Removes 3 Python Packages Suspected of Dropping a Trojan on Victim Systems *

Virginia Information Technology Agency Suffers Ransomware Attack *

Workforce Management Solutions Provider, Kronos Suffers Ransomware Attack *

Over 300,000 MikroTik Devices Still Vulnerable to Remote Hacking Flaws *

AWS Suffers Second Outage in this Month, Impacts Twitch, Zoom, PSN, Hulu, others *

Vulnerabilities in Wi-Fi and Bluetooth Chips Enable Hackers to Steal Passwords *

Researchers Identify "ALPHV" as the Most Sophisticated Ransomware in 2021 *

Threat Actors Actively Exploiting Log4Shell Vulnerability to Deliver Malware on Vulnerable Machines *

Partially Fixed Dell Computer Drivers Still Vulnerable to Windows Kernel-level Attacks *

Threat Actors Targeting German E-Banking Users via New Phishing Campaigns *

Volvo Cars Suffers Ransomware Attack, R&D Information Exposed *

Researchers Link 'XE Group' to Eight Years of Credit Card Theft *

Apache Foundation Releases a Security Patch for Second Log4j Vulnerability *

Microsoft Patch Tuesday Security Advisory - December 2021 *

Mojang Studios Publishes an Emergency Minecraft Update Amid Critical Log4j Vulnerability Exploits *

Threat Actors Dropping Agent Tesla Malware Using PowerPoint Macros in On-going Phishing Campaigns *

Hackers Employ Known Info-stealing Malware "TinyNuke" Targeting French Users *

Researchers Disclose Building Blocks of Widely Active Qakbot Banking Trojan *

AWS Discloses the Cause Behind the Recent Massive Outage *

Researches Disclose an Active Campaign Exploiting Over Vulnerable 1.6 Million WordPress Sites *

17 Malicious NPM Packages Let Attackers to Steal Discord Tokens *

Google Pushes Emergency Chrome Update to Fix Zero-day in its Chrome Browser *

South Australian Government Data Breach Expose Over 80,000 Employees Info *

Threat Actors Targeting Enterprises Using New Zero-day Exploit for Log4j Java Library *

StrongPity Hacking Group Pushing Malware Using Malicious Notepad++ Installers *

Dark Mirai Botnet Actively Targeting Unpatched TP-Link Routers *

Hackers Targeting US Universities via Office 365 Phishing Campaigns *

Vulnerable Hikvision's IoT Devices Targeted by Moobot Botnet *

Emotet Malware is Now Installing Cobalt Strike Directly on Infected Devices *

Fujitsu Cites the Breach on Japanese Ministries' on Stolen ProjectWEB Credentials *

Cox Communications Disclose Data Breach Post Hacker Impersonates Support Agent *

SanDisk SecureAccess Flaw Enables Brute Force Attacks Against Vault Passwords *

Google Fixes High Severity Use-After-Free Vulnerabilities in its Chrome Browser *

SolarWinds Hackers Targeting Government and Business Organizations Worldwide *

Phony KMSPico Software Stealing Victims' Cryptocurrency Wallets *

Hackers Employ Fake 'Spam Notification' Phishing Emails to Steal Microsoft Credentials *

SonicWall Patches Several Security Flaws in its SMA 100 Series Appliances *

Grafana Patches a Zero-day Flaw Post Exploits Spread Over Twitter *

Popular Cloud Service Providers Affected by Multiple Vulnerabilities in Eltima SDK *

AWS Suffers Outage, Impacts Ring, Netflix, and Amazon Deliveries *

QNAP Warns Users to Secure NAS Devices Against Bitcoin Miner *

Conti Ransomware Strikes Scandinavian Hotel Group "Nordic Choice" *

Hundreds of SPAR Stores Suffer Massive Outage in Northern England *

BitMart Cryptocurrency Exchnage Loses $200 Million Worth of Cryptocurrency Tokens Post Hack *

Microsoft Seizes Domains Used by APT15 Chinese State Hacker Group *

Researches Disclose 17 Malicious Frameworks Used to Attack Air-Gapped Networks *

Pakistani Threat Actor "SideCopy" Targeting Indian and Afghan Governments *

Malvertising Campaigns Distributing Backdoors and Malicious Chrome Extensions *

Threat Actors Distributing Android Banking Malware "BRATA" via SMS Phishing Campaign *

Researchers Disclose 14 New XS-Leaks Attacks on Well-known Web Browsers *

Finland's National Cyber Security Centre Warns of New Android Banking Malware Campaigns *

Threat Actors Employing RTF Template Injection Method in Phishing Campaigns *

Phishing Actors Actively Exploiting Users Via Omicron Themed Phishing Campaign *

Zoho Patches a Critical ManageEngine Bug Exploited in Wild *

Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats *

Scammer Sentenced for Stealing Millions of Dollars of Cryptocurrencies via SIM Hijacking *

Threat Actors Promoting a Malicious Android App to Steal Malaysian Bank Credentials, and MFA Codes *

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers *

New Malware "NginRAT" Actively Targeting E-commerce Servers *

Planned Parenthood LA Discloses Data Breach Post Ransomware Attack *

Threat Actors Spreading Emotet via Fake Adobe Windows App Installer Packages *

Four Android Banking Trojans Infected Over 300,000 Android Devices in 2021 *

Mozilla Patches a Critical Flaw in its Cross-platform Cryptography Library *

TrickBot Malware Authors Employing New Ways to Evade Detection *

Russian Threat Actors Employing Babadeda Crypter to Evade Detection *

Hardware Giant "HP" Patches 8-year-old Critical Flaws in its Multi-functional Printers *

Ohio-based DNA Testing Firm "DNA Diagnostics Center" Discloses Data Breach, Impacting 2.1 Million People *

'Sabbath' Ransomware Operators Target Critical Infrastructure in US and Canada *

North Korean Defectors and Journalists Targeted by a New Chinotto Malware *

Threat Actors Utilizing Compromised Google Cloud Instances to Mine Cryptocurrency *

Marine Services Provider "Swire Pacific Offshore" Suffers Ransomware Attack *

Threat Actors Hide New Linux Malware Payload in Cron Jobs to Steal Credit Card Data *

Stealthy Hacker Group "WIRTE" Targeting Governments in the Middle East *

Researchers Warn of Attacks Targeting Recently Patched Apache HTTP Server Vulnerability Exploited in Wild *

Japanese Multinational Conglomerate "Panasonic" Discloses Data Breach Post Network Hack *

Furniture Retail Giant IKEA Email Systems Hit by Ongoing Cyberattack *

Researchers Disclose New Zero-day Vulnerability in Windows 10 Mobile Device Management Service *

APT C-23 Hackers Targeting Target Middle East Users Using New Android Spyware Variant *

Researchers Uncover a New Stealthy JavaScript Malware Dropping Several Windows based RATs *

Iranian Threat Actors Exploiting Microsoft MSHTML RCE Flaw to Steal Google, Instagram Credentials *

Advanced Hacking Group Targeting Biomanufacturing Industries Via New Malware Variant *

Researchers Linked North Korean Attackers to Several Credential Theft Campaigns *

Malicious Python Libraries Steal Discord Tokens and Install Reverse Shells *

PHP Deserialize Bug in CloudLinux Imunity360 May Lead to Remote Code Execution *

"RedCurl," A Corporate Cyber Espionage Threat Group Strikes With New Hacking Tools *

Cisco Patches a High Severity Bug in its Cisco ASA and FTD Firewalls *

MediaTek Chips Bugs Affect 37% of All Smartphones and IoT Globally *

VMware Patches Multiple Vulnerabilities in its vCenter Server and Cloud Foundation *

Over 6 Million Sky Routers Vulnerable to Takeover Attacks for 17 months *

New Android Banking Malware ‘SharkBot’ Hitting Targets in U.S., UK and Italy *

North American Wind Turbine Giant "Vestas" Suffers a Data Breach *

Iran Airlines "Mahan Air" Hit By Cyber Attack *

Threat Actors Actively Exploiting New Windows Installer Zero-day Flaw *

US SEC Alerts Investors About Ongoing Impersonation Attacks *

Utah Medical Center Suffers Data Breach; 582k Patients Info Stolen *

Threat Actors Hacking Vulnerable Microsoft Exchange Servers to Hijack Internal Email Chains *

GoDaddy Suffers Data Breach Affecting 1.2 million Customers *

Android Malware BrazKing Back with New Stealthy Techniques *

Threat Actors Abusing Glitch Cloud Service to Host Short-lived Phishing Websites *

APT Group Exploiting FatPipe VPN Zero-Day Bug Since May 2021 *

Vulnerable eCommerce Sites Allow Hackers to Deploy a New Linux Backdoor *

Attackers Employing Domain Fronting Technique to Evade Malicious Traffic *

Attackers Distributing Emotet Malware in New Spam Campaigns *

Netgear Fixes Pre-Authentication Buffer Overflow Bug which Affects various Products *

New TikTok Phishing Attack Targeting Influencers’ Accounts *

Emotet Botnet Returns Using TrickBot Malware *

Microsoft Released Emergency Updates to Fix Windows Server Authentication Issues *

NPM Patched Private Package Names Leak and Serious Authorization Flaw *

New Release Google Chrome 96 Shatters Twitter and Discord Web Apps *

WordPress Sites are Targeted to Display Fake Ransomware Notes *

High Severity Flaws Discovered in BIOS Firmware Affects Various Intel Processors *

Hackers Actively Targeting Alibaba ECS Instances to Deploy Cryptojacking Malware *

Lazarus Attackers Targeting Security Researchers with Trojanized IDA Pro Application *

Attackers Hacked FBI Email Servers to Distribute Spam Campaign *

American Retail Giant 'Costco' Reveals Data Breach After Identifying Credit Card Skimmer *

A Zero-Day Flaw in the Windows User Profile Service Gets Free Unofficial Patch *

BotenaGo Malware Targeting Millions of Routers and IoT Devices with 33 Exploits *

TrickBot Hackers Abused Microsoft's App Installer in Spam Campaigns *

WP Reset PRO Plugin Enables Attackers to Hijack Websites *

Netflix, Instagram, and Twitter Users are Targeted by New Android Malware *

TeamTNT Cybercrime Group Actively Targeting Vulnerable Docker Servers *

German Medical Software Company Medatixx Hit by Ransomware Attack *

Palo Alto Addresses Multiple Vulnerabilities in PAN-OS *

Clop Ransomware Gang is now Exploiting SolarWinds Serv-U flaw in Attacks *

Zombie-themed Phishing Emails Infecting Users with MirCop Ransomware *

A New Variant of Mekotio Banking Trojan Spotted in the Wild *

Microsoft Patch Tuesday Security Advisory - November 2021 *

Microsoft Warned Admins to Patch Exchange Server Vulnerability *

Cisco Patches Hard Coded Credentials and Default SSH Key Issues in its Catalyst PON Switches *

Researchers Disclose a Critical RCE Vulnerability in Linux Kernel's TIPC Module *

Scammers Harvesting Microsoft O365, Google Logins Via Fake Proofpoint Emails *

Researchers Disclose Two Critical SQL Injection Flaws in Philips Healthcare Informatics Solution *

Prominent Stock Trading Platform "Robinhood" Suffers a Data Breach *

Electronics Giant "MediaMarkt" Hit by Hive Ransomware Attack *

Threat Actors Actively Targeting Patched Sitecore XP RCE Flaw *

Central Depository Services (India) Limited Discloses a Data Breach *

Babuk Ransomware Deployed via Microsoft Exchange ProxyShell Vulnerabilities *

New Android Rooting Malware "AbstractEmu" Takes Over Mobile Phones Via Root Access *

CISA Discloses a Catalog of Known Exploited Vulnerabilities for Multiple Products *

UK Labour Party Discloses a Data Breach Post Ransomware Attack *

Critical Flaw in Cisco Policy Suite's Hardcoded SSH Key Lets Remote Hackers Gain Root Access *

US Defense Contractor Electronic Warfare Associates (EWA) Suffers Data Breach *

Google Patches Actively Exploited Kernel Bugs in its Android November Patch *

Microsoft Suffers Outage, Blocks Access to Onedrive and Sharepoint Files *

Over 30,000 Unpatched GitLab Servers Vulnerable to Already Patched Critical RCE Flaw *

Over 1.6 Million Devices in China Infected by Pink Botnet *

Researchers Uncovered Multiple Critical Flaws in Pentaho Business Analytics Software *

Threat Actors Used Kaspersky's Stolen Amazon SES Token in Office 365 Phishing Campaigns *

Threat Actors Distributing Chaos Ransomware via Fake Minecraft 'alt list' Text Files *

Threat Actors Deploying Snake Infostealer Malware Via Phishing Emails *

Iranian Hackers Breach Israeli Web Hosting Provider"Cyberserve" *

Canadian Province Health Care System Hit by Cyberattack *

Researchers Disclose New Spook Ransomware Built on Prometheus Code Exposing All Victims *

Pirated Sports Streamer Hacked Major American Sports Leagues and Tried to Extort MLB for $150,000 *

Hive Ransomware Group Launches New Variants Capable of Encrypting Linux and FreeBSD Devices *

Israeli Internet Firm Hit By Ransomware Attack Led By Iranian Hackers *

UMass Memorial Health Care Center Suffers Data Breach *

Google Fixes the Flaw Causing Chromebooks Failing to Enroll Devices *

Google Patches Two Zero-Day Bugs in Chrome Browser *

macOS Flaw Allow Hackers to Deploy Rootkits *

WordPress's OptinMonster Plugin Flaw Allow to Hijack Sites *

Threat Actors Targeting YouTubers’ in Phishing Campaigns *

Cybercriminals Delivering Ransomware via Malicious NPM Packages *

Apple Fixed 22 Security Flaws in iOS and iPadOS Devices *

Iranian Gas Station Hit by a Cyberattack *

Hackers Employing a New Squirrelwaffle Malware In Spam Email Campaigns *

Attackers Used a New Yanluowang Ransomware in Targeted Attacks *

Russian Attackers Delivering Malicious Documents in Phishing Campaign *

WordPress Plugin Flaw can Lead to Complete Takeover of Vulnerable Sites *

South Korea's Telecommunications Firm 'KT Corporation' Suffers Nationwide Outage *

CISA Advised to Fix Critical Flaw in Discourse Software *

Attacker Hijacked NPM Library to Compromise Windows and Linux Devices *

macOS Malware Utilizes New Evasion Techniques *

New PurpleFox Backdoor Uses WebSockets for C2 Communication *

SCUF Gaming International Suffers Data Breach: 32,000 Customers Affected *

Attackers Distributing Malware Through Korean Webhard and Torrent Websites *

New Threat Group Targeting South Asian Organizations Using Custom Malware *

Chinese Attackers Exploited Windows Zero-Day Vulnerability in Cyberattacks *

FBI Alerts on Fake Govt Sites Used to Steal Sensitive Information *

Telecommunications Company 'Sinclair Broadcast Group' Hit by Ransomware Attack *

The University of Sunderland Hit by Cyberattack *

Olympus US Systems Hit by Cyberattack *

Ecuador's Largest Bank 'Banco Pichincha' Hit by Cyberattack *

Microsoft Fixed Compatibility Issues in Windows 11 KB5006674 Cumulative Update *

Attackers Using Math Symbols in Phishing Campaigns *

Microsoft Azure's Customer Hit by Largest DDoS Attack *

Microsoft Patch Tuesday Security Advisory - October 2021 *

Apple Fixes a Zero-day Flaw in an Emergency iOS 15.0.2 Update *

Google Fixes Four High-Severity Flaws in its Chrome Browser *

American Pacific City Bank Hit by AvosLocker Ransomware Attack *

Threat Actors Targeting Linux Devices Using New FontOnLake Rootkit *

Ransomware Group FIN12 Aggressively Attacking Healthcare Sectors *

Cox Media Group Discloses a Data Breach Post Ransomware Attack *

Threat Actors Impersonating "QuickBooks" in Ongoing Phishing Campaigns *

Global Brewery Firm BrewDog Exposes 200,000 Customers Sensitive Information *

Researchers Disclose New Android Malware Infecting Android Mobiles *

Telecommunication Firm 'Syniverse' Discloses a Database Breach *

Microsoft Patched Flaw Prevent Security Updates for Azure Virtual Desktops *

Apache Emergency Update Patched Incomplete Fix for Actively Exploited Bug *

Researchers Disclose UEFI Bootkit Exploiting Windows Systems Since 2012 *

Live Streaming Platform 'Twitch' Suffers Massive Data Leak *

APT Group "ChamelGang" Targeting Fuel, Energy, and Aviation Industries *

Researchers Disclose Multiple Critical Flaws in Honeywell Experion PKS and ACE Controllers *

Apache Patches a Zero-Day Vulnerability in its Web Server *

The Telegraph Suffers Massive Data Breach;10 TB Database Leaked *

Researchers Link Disparate Malware Attacks to Chinese Cyber-espionage Group *

Unknown Ransomware Gang Encrypting VMware ESXi Servers Using Python Script *

Industry Publication Giant Sandhills Global Hit by a Ransomware Attack *

Misconfigured Apache Airflow Servers Leak Credentials *

New Atom Silo Ransomware Group Targeting Unpatched Confluence Servers *

An Unpatched Flaw Enables Contactless Payments From Locked iPhones *

Threat Actors Targeting Commerzbank Customers Via New Malware Campaign *

Hackers Steal Cryptocurrency from Coinbase Customers Using MFA Flaw *

Threat Actor Group "GhostEmperor" Backdooring Windows 10 Systems Using a Rootkit *

WhatsApp, Instagram and Facebook Suffers Massive Outage Due to a Configuration Error *

Google Fixes Two Zero-Day Flaws in its Chrome Browser *

Hackers Spreading Flubot Android malware Via Fake Security Updates *

QNAP Patches 3 High-severity Stored Cross-site Scripting (XSS) Flaws Affecting NAS Devices *

MoneyLion Discloses a Data Breach Post Credential Stuffing Attacks *

Neiman Marcus Discloses a Massive Data Breach; 4.3 million Users Affected *

Fake Amnesty International Pegasus Antivirus Affects Windows Systems *

JVCKenwood Hit by CONTI Ransomware Attack *

Threat Actors Hijack Windows Boot Manager With UEFI Bootkit *

Microsoft Warns of Cyber Attacks Targeting Active Directory FS Servers *

Hackers Draining Brazil's PIX Payment System Users' Bank Accounts *

Researchers Linked New Tomiris Backdoor to Hackers Behind SolarWinds Cyberattack *

Giant Trucking Company "Forward Air" Suffers Data Breach *

Microsoft Suffers MFA Outage; Access to Microsoft 365 Services Blocked *

Threat Actors Distributing a New Jupyter Malware Version Via MSI Installers *

Threat Actors Stealing Financial Data from 378 Banking and Wallet Apps Via "ERMAC" Malware *

Multiple Cyberattack Campaigns Abusing Atlassian Confluence RCE Flaw *

Colossus Ransomware Hits Prominent Automobile Company in the USA *

Twitter Web Client Suffers Worldwide Outage *

Threat Actor Targets Indian Government With Commercial RATs Via Operation Armor Piercer Campaign *

QNAP Patches Two Critical Flaws in its QVR Software *

Prominent Communications Provider "Bandwidth.com" Hit By a DDoS Attack *

New Malware 'BloodyStealer' Targeting Popular Gaming Platforms *

Google Fixes High-Severity Zero-Day Flaw in its Chrome Browser *

Researcher Discloses Exploit Codes for 4 iOS Zero-Day Flaws on GitHub *

Microsoft Warns Organizations About a Wide-Scale Phishing-as-a-Service Operation *

Colombian Real Estate Firm "Coninsa Ramon" Suffers Data Breach *

Scammers Targeting US, Canada Users Via New Android Malware *

SonicWall Patches a Critical Vulnerability in its SMA 100 Series Products *

Threat Actors Deploying Web Shells Via Nagios RCE Vulnerabilities *

Researchers Disclose a Remote Code Execution Flaw in AWS WorkSpaces *

Netgear Patches a Remote Code Execution Vulnerability in its Routers *

Threat Actors Employing BitRAT to Target South American Organizations via Spam Campaigns *

Cisco Patches Three Critical Flaws in its IOS XR Software *

Apple Patches a Zero-day Flaw Used to Hack iPhones and Macs *

Threat actor Group "FamousSparrow" Breaching Hotels Worldwide Via ProxyLogon Exploits *

Cyber Criminals Deploying Rootkit Via a New Bug in Microsoft Windows *

Threat Actors Targeting Organizations in Latin America Via a New Banking Trojan *

Threat Actors Employing New Malware Campaigns to Mine Cryptocurrency *

Cring Ransomware Group Actively Exploiting Decade-Old Patched ColdFusion Vulnerabilities *

Microsoft Exchange's Autodiscover Flaw Leaks 100K Windows Credentials *

Russian Threat Actors Deploying TinyTurla Malware as Secondary Stage Backdoor *

VMware Fixed Critical Arbitrary File Upload Vulnerability in its vCenter Server *

Researchers Disclosed a New Zero-Day Vulnerability in macOS Finder *

Republican Governors Association's Server Breached Via Microsoft Exchange Cyberattack *

US Farmer Cooperative Suffered a BlackMatter Ransomware Attack *

Over 1.4 Million COVID-19 Test Results From Multiple Hospitals Exposed in Paris *

Scammers Sending Spam Emails to Promote Elon Musk-themed Cryptocurrency Scam *

VoIP.ms Hit By a DDoS Attack; Multiple Services Impacted *

AMD Patches An Information Disclosure Flaw in its Chipset Driver *

Prominent Integration Service Provider, Travis CI Patches a Critical Security Flaw *

Researchers Uncovered Phishing Campaign "Operation Layover" Targeting Aviation Industry *

Threat Actors Deploying New Malware to Compromise Windows Subsystem for Linux Environment *

Tamil Nadu Public Department Hit by Ransomware Attack *

Netgear Patches Third Critical Bug in its Smart Switches *

Microsoft Patches a Critical Flaw in Open Management Infrastructure Affecting Azure Cloud Services *

Adobe Patches 36 Critical Vulnerabilities in its Products *

Threat Actors Impersonate US Department of Transportation to Steal Microsoft Credentials *

South Africa's Justice Ministry Suffers Ransomware Attack *

Microsoft Warns of Information Leakage Vulnerability in Azure Container Instances *

Cyber Criminals Deploying New Linux Cobalt Strike Beacons in Ongoing Cyber Attacks *

Nitro Software Patches a Remote Code Execution Flaw in its Nitro Pro PDF *

Threat Actors Spreading New ZLoader Malware Through Fake TeamViewer Installer *

Millions of Computers Affected by HP Omen's Privilege Escalation Bug *

Microsoft Patch Tuesday Security Advisory - September 2021 *

Telecommunications Provider "MyRepublic" Suffers Data Breach *

New Android Banking Trojan Dubbed "S.O.V.A" Emerges With Growing Capabilities *

TeamTNT Hacking Group Stealing Credentials Using New Open-Source Tools *

Apple Patches Zero-click iPhone Exploit Deploying Pegasus Spyware *

Google Patches 2 Zero-day Flaws in its Chrome Browser *

“FudCo” Spam Empire Linked to Pakistan-based Software Firm *

Howard University Suffers Ransomware Attack Leading to Network Shutdown *

Threat Actors Targeting Kurdish Ethnic Group Via Mobile Spyware Attacks *

New Windows 0-Day Attack Targeting Users Via Weaponized Office Documents *

Meris Botnet Launches a 22 Million RPS DDoS Attack *

Cisco Patches Multiple High-Severity Flaws in its IOS XR Software *

Threat Actors Leaked 500,000 Fortinet VPN Credentials On Hacking Forum *

Zoho Patches Critical Vulnerability in its ManageEngine ADSelfService Plus Solution *

Critical Flaw in HAProxy Result in HTTP Request Smuggling Attack *

FIN7 Group Deploying Backdoor Via Windows 11 Alpha-themed Word Documents *

Ribbonsoft’s dxflib Library Flaw Allow Attackers to Remotely Execute Commands *

New Malware Family Leverages CLFS Log Files to Evade Detection *

Threat Actors Hacked Jenkins Project's Confluence Server to Install Monero Miners *

NPM, Package Manager Patches a Critical Bug in the Package Pac-Resolver *

Microsoft Links SolarWinds Serv-U SSH Zero-Day Attack to Chinese Hackers *

Netgear Patches High Severity Bugs in its Smart Switches *

Threat Actors Exploiting Confluence Bug to Install Cryptocurrency Miners *

Billions of Bluetooth Devices From Multiple Vendors Remain Highly Vulnerable to BrakTooth Flaws *

Dallas Public School Suffers Data Breach *

Canada Immigration Accepts Additional 7,300 Applications in TR to PR Program Due to a Technical Bug *

Cisco Patches Critical Authentication Bypass Flaw in NFV Infrastructure Software (NFVIS) *

Over 60,000 Parked Domains Were Vulnerable to Domain Hijacking Attacks *

Autodesk Targeted By SolarWinds Hackers Via Sunburst Backdoor *

LockFile Ransomware Bypassing Protection Via Intermittent File Encryption *

Microsoft Exchange ProxyToken Flaw Allow Attackers to Access User Email Messages *

Multiple Vulnerabilities Identified in Fortress S03 Wi-Fi Home Security Systems *

Threat Actors Selling a GPU Based Malware Via Hacker Forums *

Annke Patches a Stack-based Buffer Overflow Flaw in its Video Surveillance Product *

Synology Discloses Open SSL Vulnerabilities Impacting its NAS Devices *

Attackers Abusing Proxyware Applications to Monetize Malware Campaigns *

QNAP Discloses OpenSSL Flaws Impacting its NAS Devices *

New York Credit Union Discloses An Insider Threat; 21GB of Sensitive Data Destroyed *

Google App Bug Restrict Users To Make & Receive Calls *

Attackers Distributing Phishing Mails Using Open Redirect Links *

Researchers Warn Users About Four Emerging Ransomware Groups *

FIN8 Threat Group Targeting Financial Institutions Using Sardonic Backdoor *

U.S. Based Computer Retail Company Targeted by New SideWalk Backdoor *

Critical F5 BIG-IP Vulnerability Affects Customers in Sensitive Sectors *

VMware Fixes Four High Severity Flaws in vRealize Operations Manager API *

Microsoft Power App Leaks 38 Million Sensitive Data Records Via Misconfigured Tables *

Threat Actors Actively Exploiting 15 Vulnerabilities to Hack Linux Systems *

Microsoft Warns Customers of Azure Critical Cosmos DB Vulnerability *

Cisco Patched a Critical Flaw in its APIC Software *

Boston Public Library Suffers System Wide Outage *

Cyber Criminals Deploying BazaLoader Malware via Fake DDoS Notifications *

Emsisoft Releases Free Decryptor for SynAck Ransomware Victims *

Compromised WhatsApp Mod Distributing Malicious Payloads Via Supply Chain Attack *

Threat Actors Discreetly Marketing ShadowPad Malware Among Chinese Espionage Groups *

NSO Group Deploying Pegasus Spyware Via New Zero-click iPhone Exploit *

OpenSSL Vulnerabilities May Be Exploited For Multiple Cyber Attacks *

ACROS Security Releases a Micro Patch to Address PetitPotam Flaw *

Mozi, an IoT Botnet Targets Network Gateways and IoT Devices *

Threat Actors Actively Exploiting Newly Disclosed Realtek SDK Vulnerabilities in the Wild *

AT&T Denies Data Breach Post Attacker Auctions 70 Million User Database *

Google Discloses Information of Unpatched Windows AppContainer Vulnerability *

Cloudflare Thwarts the Largest DDOS Attack Ever Recorded *

Microsoft Exchange Servers Under Attack By New LockFile Ransomware *

SAC Wireless, A Nokia Subsidiary Discloses Data Breach Post Conti Ransomware Attack *

Phishing Campaign Used a XSS Flaw in UPS Website to Distribute Malware *

Vulnerable Microsoft Exchange Servers Under Attack Via ProxyShell Vulnerabilities *

Attackers Hacked US Census Bureau Servers Using Citrix Vulnerability *

Critical Vulnerability Discovered in the Universal Plug-and-Play (UPnP) Service of Multiple Cisco Routers *

BadAlloc Flaw Affects BlackBerry's QNX Real-Time Operating System (RTOS) *

Chase Bank Suffers Data Leak Via Technical Glitch *

Data Exfiltration Attacks Can Bypass Cisco Safety Products *

Ransomware Attacks Hit Maine's Rural Sewage Treatment Plants *

Memorial Health System, Florida Suffers Ransomware Attack *

Attackers Targeting Multiple Users in Mexico via Neurevt Trojan *

Adobe Patches Critical Photoshop Security Flaws *

Critical Flaw in ThroughTek's Point-to-Point (P2P) SDKs Impacting Million IoT Devices *

Fortinet Delays Patching a Zero-day Bug in its Web Application Firewall (WAF) *

Multiple Realtek Related Flaws Affecting its Wi-Fi SDKs; Impacting Nearly a Million IoT Devices *

Tokio Marine's Singapore Branch Suffers Ransomware Attack *

Threat Actors Selling Ficker Info Stealer Malware as a Malware-as-a-Service (MaaS) *

Iranian Government-linked Hacker Groups Conducting Cyber Espionage Activities in Israel *

Attackers Use 'CAPTCHA' Images to Trick Users into Bypassing Browser Warnings *

Brazilian National Treasury Suffers Ransomware Attack *

Threat Actors may use Middleboxes Related Flaws for TCP Reflected Amplification *

Threat Actors Distributing WarzoneRAT via Compromised WordPress Sites *

TA505 Threat Group Installing ServHelper RAT Using New Techniques *

Multiple STARTTLS Related Bugs Found in Popular Email Clients *

Trend Micro Addresses Wild Zero-Day Vulnerabilities *

T-Mobile Suffers Massive Data Breach; 100 Million Customers Data Stolen *

The Infamous AlphaBay Darknet Market Has Reopened for Business *

Microsoft Spotted Hackers Using Morse Code in Phishing Campaigns to Evade Detection *

Threat Actors Employing CAPTCHA Protected Phishing Campaigns *

Scammers Impersonating FINRA in an Ongoing Phishing Campaign *

Multiple Flaws in Wodify Fitness Platform Allow Hackers to Take Control *

New AdLoad Malware Variant Escapes through Apple's XProtect Defence *

Ford Flaw Exposed Sensitive Information from Internal Systems *

Attackers Can Now Spy On DNS Traffic via Bugs in Managed DNS Services *

Intel Releases Patches for High-Severity Flaws in NUC 9 Extreme Laptops, Ethernet Linux Drivers *

Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising *

One Million Stolen Credit Cards Data Leaked on Carding Marketplace *

Gigabyte Suffers RansomEXX Ransomware Attack *

Microsoft Confirms another Zero-Day Bug in Windows Print Spooler *

Accenture Hit by LockBit Ransomware Attack *

Attackers Stole Cryptocurrency worth of $600 Million *

Researchers Revealed eCh0raix Ransomware Targeting Both NAP and Synology NAS Devices *

Microsoft Patch Tuesday Security Advisory - August 2021 *

Adobe Patched Several Critical Vulnerabilities in its Products *

Russian Federal Executive Authorities Targeted by Chinese Threat Actors *

Chinese Threat Actors Targeting Prominent Southeast Asian Telecom Firms *

Joplin City Suffers from Ransomware Attack *

FatalRAT Trojan Exploiting Telegram *

New FlyTrap Malware Compromises Thousands of Facebook Accounts *

New Chinese Spyware Used in Widespread of Cyber Espionage Attacks *

VMware Patches Security Vulnerabilities in Workspace ONE Access and Identity Manager *

INFRA:HALT Flaws Affect Embedded TCP/IP Stack Widely Used in OT Devices *

Cisco: Firewall Manager RCE Flaw is a Zero-day, Patch Incoming *

Go & Rust Languages Affected by Critical IP Address Validation Flaw in "net" Library *

New York City Public School's Info Leaked; Officials Confirm *

Threat Actors are Actively Exploiting Vulnerable Home Routers *

Solarmarker Malware Targeting Healthcare and Education Sectors *

Attacker Scanning Microsoft Exchange Servers for ProxyShell Vulnerability *

New APT Threat Group Targeting Microsoft IIS Servers *

Google Fixed Several High-Severity Security Flaws in Android OS *

Linux Variant of BlackMatter Ransomware Encrypting VMware ESXi Machines *

New Android Malware Vultur Abuses Accessibility Services *

Energy Group ERG Reports Minor Interruptions Post Ransomware Attack *

Google Patches Several Chrome Vulnerabilities *

New Cobalt Strike DoS Vulnerability Allows Takedown of Attackers’ Servers *

Advanced Technology Ventures Discloses a Data Breach Attack *

Cisco Patches Pre-Auth Security Flaws in its VPN Routers *

Romania Cryptojacking Attackers Targeting Linux Devices *

Multiple TransLogic Firmware Vulnerabilities Discovered; Major Impact on North America Hospitals *

Italy's Lazio Region Suffers Ransomware Attack *

New Meteor Malware Used in Iranian Railway Attack *

Multiple Vulnerabilities Patched in WordPress Download Manager *

Node.js Patched Severe HTTP Vulnerability *

Russians Attackers Compromised Federal Prosecutors Email Accounts *

New Vulnerabilities could let Attackers to Compromise Zimbra Server via Email *

Researchers Discovered New Haron Ransomware Gang *

A New .Stolen Ransomware Deleting Disc Shadow Copies Post Encrypting Disc Drives *

LockBit 2.0 Ransomware Uses Group Policies to Encrypt Windows Domains *

Attackers Compromised Chipotle’s Marketing Account to Deliver Phishing Emails *

Multiple Flaws Discovered in 3 Open-Source Software *

DarkSide Ransomware Gang Returns as New BlackMatter Ransomware *

Attackers Installing PlugX Malware Variant on Compromised MS Exchange Servers *

Northern Ireland Suspends COVID Certificate Service Post Data Breach *

Attackers Posed as Aerobics Instructors to Target Employees *

APT Attackers Distributed Android Trojan via Syrian E-Government Portal *

UC San Diego Health Suffers Data Breach Post Phishing Attack *

Oracle Fixes Critical Flaws in its Products *

LemonDuck Malware Targeting Windows and Linux Systems *

Signal Patches a Critical Flaw in its Android Versions *

Apple Patches a Zero-day Flaw Exploited in the Wild *

XCSSET MacOS Malware Targets Telegram Accounts and Google Chrome Data *

Researchers Disclose 3 Zero-day Flaws in Kaseya Unitrends Backup Solution *

Kaseya Gets Universal Decryptor Tool to Help Victims *

Critical Security Flaws Reported in Etherpad *

Law Firm Campbell Conroy & O'Neil Suffered Ransomware Attack *

Malicious NPM Package Steals Chrome Passwords on Windows via Recovery Tool *

Federal Agencies Say China Breached Dozens of Pipeline Companies between 2011 and 2013 *

Akamai Suffers DNS Outage; Prominent Websites and Online Services Across the Globe Impacted *

Dell Patches 3 Critical Vulnerabilities in OpenManage Enterprise Service *

Atlassian Patches Critical Vulnerability in its Jira Data Center and Jira Service Management Data Center Products *

Ecuador's State-run CNT Telco Suffers Ransomware Attack *

Juniper Fixed Multiple Flaws in its Products *

Attackers Distributing Remcos RAT via Visual Basic *

Microsoft Seizes Homoglyph Domains used in BEC Campaign *

Saudi Aramco Suffers Data Breach; 1 TB Stolen Data for Sale *

16-Year-Old Bug Impacts Millions of HP, Samsung, Xerox Printers *

Bug discovered in Fortinet lets Attackers to run Code as Root *

WIFIDemon Leading to Remote Code Execution Attacks on iOS Devices *

Magecart Attackers Using Unique Techniques to Avoid Detection *

Cisco Patches High Severity Flaw in its ASA & FTD Software Versions *

Pegasus Spyware Infecting Prominent Personnel's Mobile Devices Across the Globe *

WildPressure APT Targeting Windows and macOS Systems via New Malware Variant *

Google Patches Zero-Day Vulnerability in its Chrome Browser *

D-Link Fixes Multiple Security Bugs in its DIR-3040 Router Version v1.13B03 *

Scammers Target Comparis Group Users Post Ransomware Attack *

Multiple Vulnerabilities in NuGet Packages Affect .NET Platform *

Microsoft Patched Windows Hello Authentication Bypass Vulnerability *

Recent ZLoader Malware Attacks Adopt New Macro-Related Delivery Method *

Sage X3 Patched Multiple Security Flaws in its Enterprise Resource Planning (ERP) Product *

Attackers Spreading BazarBackdoor Malware via Nested RAR and ZIP Archives *

SonicWall Warns of Imminent Ransomware Attacks Targeting SMA 100 & SRA VPN Appliances *

VMware Fixed Flaws In ESXi and ThinApp Applications *

Chinese Hackers Utilizing SolarWinds Zero-Day to Target US Defense Companies *

New BIOPASS RAT Live Stream Victim's Computer Screen *

Kaspersky Password Manager Generated Passwords used in Brute Force Attacks *

Adobe Patch Tuesday Security Advisory - July 2021 *

Microsoft Patch Tuesday Security Advisory - July 2021 *

Kaseya Fixed Multiple VSA Bugs Exploited in REvil Ransomware Attack *

Flaws in Cisco BPA and WSA could lead to Privilege Escalation Attacks *

Mitsubishi Electric Fixed Bugs in Air Conditioner Control Systems *

Fashion Retailer Guess Suffers Data Breach Post Ransomware Attack *

SolarWinds Patches a Zero-day Flaw Exploited in the Wild *

Insurance Firm CNA Suffers Data Breach After Ransomware Attack *

Mint Mobile Suffers Data Breach; Hackers Port Victims Phone Numbers *

Morgan Stanley Reports Data Breach After Vendor Reports Accellion Hack *

Nobelium Hacking Group Reportedly Accessed Microsoft's Customers Support Tools *

Crypto Mining Scams Targeting Victims via Fraudulent Android Apps *

Malspam Campaign Deploying Cobalt Strike Payloads Posing as Kaseya VSA Security Update *

Microsoft Addresses Critical Edge Bug Leading to UXSS Attacks *

CISA Discloses 15 Vulnerabilities Affecting Philips Vue Healthcare Products *

Pro-Trump Social Media Site "GETTR" Suffers Data Breach *

QNAP Patches Critical Flaw in NAS Backup and Disaster Recovery Solution *

Insurance Giant AJG Reports Data Breach post a Ransomware Attack *

Threat Actor Group Wizard Spider Linked to a New Ransomware 'Diavol' *

NETGEAR Patches 3 Critical Bugs in DGN-2200v1 Series Routers *

Microsoft Urges Azure Users to Update their PowerShell Tool *

Threat Actors Hacked Mongolian Certificate Authority to Deploy Backdoors *

Threat Actors Targeting Unpatched Cisco ASA Devices Aggressively Post the PoC Release *

Kaseya Suffers Massive Ransomware Attack; Hundreds of Companies around the Globe Affected *

Retail Giant Coop Shuts Down 500 Stores Post Kaseya Ransomware Attack *

Microsoft Releases Emergency Patch for Windows Zero-day PrintNightmare Vulnerability *

Attackers Target Microsoft's Halo Development Servers via Dependency Hijacking *

Law Enforcement Officials Seize DoubleVPN Service's Servers *

WD Storage Devices Vulnerable to Ongoing Cyber-Attacks *

LinkedIn Suffers Data Breach, 700 Million Users Data Exposed *

DarkRadiation Ransomware Gang Targeting Linux & Docker Instances *

Threat Actors using WIM Files to Bypass Security Solutions via Phishing Emails *

Microsoft Signs a Rootkit Malware Disguised as Windows Driver *

Unpatched Flaws in PlingStore Apps may Lead to Supply-Chain Attacks *

Scammers Impersonating FINRA Support in a New Phishing Campaign *

Fortinet Patches 2 Vulnerabilities in its Web Application Firewall (WAF) *

High Severity Flaws Found in Vulnerable NVIDIA Jetson Chipsets *

Spam Campaign Hides "handwritten" Links in Tinder Profile Images *

Pakistan Hackers are Targeting Indian Power Company with ReverseRat *

Mercedes-Benz Suffers Data Breach *

Multiple Bugs in Dell SupportAssist; Impacts 30 Million PCs *

Researchers Discovered Security Vulnerability in 2G Mobile Data Encryption Standard *

Conti Ransomware Gang Leaked Tulsa City's Police Citation Documents *

Covid-19 tracking app ‘MassNotify’ Auto-installed on Massachusetts Android Phones *

VMware Fixed Critical Vulnerability in Carbon Black App Control *

A Partially Fixed Bug in SonicWall Affecting 800K Firewalls *

Vulnerabilities in Open Design Alliance's SDK Impacting Multiple Vendors *

Nuclear Research Agency of South Korea was Hacked Using VPN Flaw *

Multiple Vulnerabilities Discovered in Schneider PowerLogic Devices *

Zephyr RTOS Patched Multiple Bugs in its Bluetooth LE Stack *

Healthcare Giant Grupo Fleury Suffers Ransomware Attack *

Palo Alto Networks Fixed Critical Vulnerability in Cortex XSOAR *

Microsoft Patched High-Pitched Noise Bug in Windows 10 *

Threat Actors are Sending Fake Extortion Emails by Impersonating DarkSide Gang *

Supermarket Chain Wegmans Suffers Data Breach *

Andariel Hacking Group Targeted South Korean Industries with New Malware Campaign *

Poland Officials Targeted in Russian Cyber Attacks *

Russian Consumer Watchdog Bans VyprVPN & Opera VPN Services *

Gelsemium Hackers Target NoxPlayer with Supply Chain Attack *

Reproductive Biology Associates Clinic Suffers Ransomware Attack *

Critical Flaw in ThroughTek Allows Millions of Cameras to Spy *

Newly Discovered iPhone Bug can Disable iPhone's Wi-Fi Functionality *

Researchers Warn of SolarMarker Malware Deployed via SEO Poisoning *

Attackers Bypass Office 365 MFA in BEC Attacks *

Attackers can Access Victim Information via Vulnerability found in Microsoft Power Apps *

Instagram Bug Allows Attacker to View Private Accounts Details of the User *

Propane Service Provider AmeriGas Discloses Data Breach *

Cake Box Suffers Data Breach; Credit Card Numbers of Customers Exposed *

Clop Ransomware Gang Suspects are Arrested in Ukraine *

Google Patched Zero-Day Bug in Chrome Web Browser *

Scammers are Sending Fake Ledger Devices to Steal Cryptocurrency *

Thousands of VMWare vCenter Servers are Still Vulnerable to Remote Code Execution Attacks *

Apple has Fixed 2 Zero-Day Flaws in iOS Devices *

Hackers can Spy on Samsung Mobile Users using Pre-installed Applications *

Interpol Removed Multiple Fake Online Pharmaceutical Websites *

Spain's Ministry of Labor and Social Economy Suffers Cyberattack *

Avaddon Ransomware Group Shuts Down *

Food Supply Giant Edward Don Shuts Down Temporarily Due to Ransomware Attack *

7-Year-Old Privilege Escalation Polkit Flaw Affecting Linux Devices *

McDonald's Discloses Data Breach; Customers and Employee Information Exposed *

Audi and Volkswagen Suffers Data Breach; 3.3 Million Customers Affected *

Food Giant JBS Pays $11 million to REvil Ransomware Group *

Famous Video Game Company Electronic Arts Suffers Data Breach *

WAGO Controller Flaws Could Lead to Industrial Process Disruptions *

Stolen Login Credential Marketplace Slilpp is Seized by Law Enforcement *

Fastly CDN Outage Impacted Multiple Websites *

Latest Necro Python Malware has New Exploits and Crypto Mining Capabilities *

Phishing Campaign Targets U.S. Financial Industry Regulatory Authority (FINRA) *

Memory & Storage Manufacturing Giant ADATA Suffers Ransomware Attack *

Microsoft Patched Vulnerability In MSGraph Component *

PuzzleMaker Threat Actors Targeting Windows 10 Systems using Chrome Zero-days *

STUN Servers Abused for DDoS Attacks *

New Siloscape Malware Targets Windows Containers to Access Vulnerable Kubernetes Clusters *

Attackers are Actively Targeting Vulnerable VMware vCenter Servers *

Google Fixed Multiple Critical Bugs In Latest Android Security Updates *

Adobe Patches 41 Vulnerabilities in 10 Products *

Intel Fixes 73 Security Vulnerabilities *

Microsoft Patch Tuesday Security Advisory - June 2021 *

EvilCorp Cybercrime Gang Mimics PayloadBIN to Evade US Sanctions *

US Truck Manufacturer Navistar Discloses Data Breach *

Cisco Patches High-Risk Security Flaws in its Multiple Products *

Open Source Application "Have I Been Pwned" Used to Expose Stolen Credentials *

Nantucket Steamship Authority Suffers Ransomware Attack *

Researchers Disclosed Critical Bug In Realtek Wi-Fi Module *

Threat Actors Deploying SkinnyBoy Malware using Malicious MS Word Documents *

Threat Actors Bypassing Ransomware Defense in Antivirus Solutions via Whitelisted Applications *

Huawei Fixed Privilege Escalation Bug in its USB LTE Dongle *

FUJIFILM Suffers Ransomware Attack *

North Korean Hacking Operation Targeting South Korea Government Units *

Multiple Products from Cisco, Akamai & Linux affected by Vulnerability in Lasso Library *

Multiple Vulnerabilities Reported in Industrial Switches from Several Vendors *

Swedish Health Agency Shuts Down SmiNet's Database after Multiple Intrusion Attempts *

Attackers Exploiting Critical Zero-day Flaw in WordPress Plugin *

Researchers Disclosed Two New Attack Techniques which Modifies Certified PDF Document Content *

New Phishing Campaign Targeting Walmart Users Discovered *

Two Domains Used In Nobelium Phishing Campaign Seized *

Food Giant JBS Shuts down Temporarily due to Cyberattack *

BazaLoader Campaign Spreading Phishing Emails to Compromise Users Windows System *

FBI Reports Attackers are Exploiting Unpatched Fortinet Devices *

Researchers Warn of Facefish Backdoor Infecting Linux Devices *

New VSCode Extensions Bugs may Lead To Supply Chain Attacks *

Siemens Patches a High-severity Memory Protection Bypass in its PLCs *

Canada Post Reports Data Breach Post Supplier Ransomware Attack *

Threat Actors Distributing Trojanized AnyDesk Installer via Malvertising Campaign *

SolarWinds Hackers Deploying New 'NativeZone' Backdoor via a New Supply Chain Attack *

Klarna Mobile Application's Technical Bug Leaking Users Data *

New Epsilon Red Ransomware Abusing Unpatched Microsoft Exchange Servers *

Threat Actors Actively Exploiting a Command Injection Flaw in SonicWall's NSM On-Premises Products *

TPG Shutdown the Legacy TrustedCloud Service Post Data Breach *

Threat Actors Deploying Data Wiper Malware Disguised as Ransomware *

Checkbox Survey Patches Arbitrary Code Execution Flaw Being Exploited in the Wild *

Attackers Impersonating Devices via Newly Disclosed Bluetooth Bugs *

HPE Patches Critical Zero-day Flaw in Systems Insight Manager (SIM) *

Office 365 Bug Sending Exchange Online, Outlook Emails to Junk Folder *

Malware Attack Knocks out Siegfried Group’s Network *

Multiple Japanese Agencies Suffer Data Breaches in a Supply Chain Attack *

Hackers Sent Racist Registration Emails Pretending to be from Walmart *

Zeppelin Ransomware Back in Operation with an Updated Malware *

Apple Patches a Zero-day Flaw in TCC Framework *

Japan’s Omiai Dating App Data Breach; Over 2 Million Users Data Exposed *

VMware Patches Critical Remote Code Execution Flaw in vCenter *

CryptoCore Campaign Hacking Cryptocurrency Exchanges Globally *

Scheme Flooding Vulnerability Enables Hackers in Identifying Users *

Florida Water Treatment Plant Suffered a Cyber Incident Prior to the Poisoning Attack *

Ivanti Addresses a High-Severity Vulnerability in Pulse Connect Secure VPN *

Electronic Giant Bose Reports Data Breach Post Ransomware Attack *

Trend Micro Patches 3 Vulnerabilities in Home Network Security Devices *

Threat Actor Behind Infamous UPMC Breach Gets Verdict; Faces 7 Years in Prison *

Apple Patches 3 Zero-days Affecting macOS & tvOS Devices *

Microsoft Releases a Simulated Tool for Attack Scenarios *

23 Misconfigured Android Applications Leaking Users Personal Data *

Google Fixes Chrome Browser Crash on Windows 10 and Linux Platforms *

Google Patches Heap-based Buffer Overflow Vulnerability in Chrome *

CNA Financial Paid $40 Million Ransom to Evil Corporation *

FBI Warns Organizations about Conti Ransomware *

E-commerce Giant Mercari Suffers Massive Data Breach in Codecov Incident *

QNAP Warns Organizations about Qlocker Ransomware Impacting Vulnerable HBS Devices *

Stolen Dominos India Data Up for Sale on Dark Web *

Air India Hacked; 4.5 Million Passengers Information Leaked *

Android Releases Patches for 4 New Zero-day Vulnerabilities *

New Malware Campaign Delivers Fake Ransomware *

Slack Messaging Application Suffers Massive Outage *

Over 600,000 WordPress Sites Impacted by a Vulnerability in WP Statistics Plugin *

Magecart Hackers Deploying PHP-based Backdoor via Website Favicons *

New Banking Trojan Bizzaro Targeting European and South American Banks *

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks *

FBI Warns of a Spear Phishing Campaign Delivering Advanced Malware *

Student Insurance Provider Guard[.]me Suffers a Data Breach *

Insurance Giant AXA Hit by Ransomware Attack *

Threat Actors Deploying Lizar Malware under the Disguise of Ethical Hacking Tool *

APT36 Group Mimicking Legitimate Indian Military and Defense Organizations *

Monday[.]com Source Code Accessed by Codecov Hackers *

Toshiba's Subsidiary Unit Struck by DarkSide Ransomware Group *

Cisco Patches a Zero-day Bug in Cisco AnyConnect Client *

Rapid7 Source Code Accessed in Codecov Supply-chain Attack *

AMD Patches Two Flaws Bypassing AMD's SEV Protection System *

Snip3 Crypter Service Deploying Multiple RAT Variants *

Hackers Delivering Malware via Microsoft Build Engine Files *

Citrix Patches Vulnerability in Workspace Application for Windows *

New Cryptocurrency Phishing Scam Stealing Recovery Phrases via Twitter *

Colonial’s Pipeline Hack; $5 Million Ransom Paid *

QNAP warns of Zero-day Bug in Roon Servers *

Herff Jones Suffers Data Breach *

New Lorenz Ransomware Affecting Multiple Organizations Globally *

Brenntag Hack; $4.4 Million Ransom Paid *

DarkSide Ransomware Servers Seized Post-Colonial Pipeline Attack *

Lemon Duck Cryptominer Strikes Again *

Ireland’s Health Services Reports Ransomware Attack; $20 million Ransom Demanded *

Threat Actor Leaks Stolen Data Post D.C. Police Columbia Hack *

FBI and ACSC Warns of Avaddon Ransomware Attacks *

VideoLan Patches Auto-updater Bug in VLC Media Player *

Ransomware Attack on the City of Tulsa, USA *

All Wi-Fi Devices are Vulnerable to FragAttacks *

A New Qualcomm Vulnerability Impacting Android-based Mobile Devices *

Over 25% of Tor Exit Relays Spied on Users Dark Web Activities *

Google Patches 19 Bugs in Chrome 90.0.4430.212 *

Twitter's New Feature Tip Jar Exposing Sensitive Information *

Cuba Ransomware Partners With Hancitor for Spam-Fueled Attacks *

Law Firm Jones Day Hit by Data Breach *

Attackers are Exploiting Authoritative DNS Servers via TsuNAME DNS Bug *

NatWest Bank Scheduled Payments Bug May Cost Customers Money *

Russian Hackers Are Allegedly Exploiting 12 Vulnerabilities in the Wild *

New Stealthy Rootkit Targeting High-Profile Organizations *

Twilio & HashiCorp Reports Cyber Attacks Post Codecov Supply Chain Hack *

UNC2529 Threat Group Delivers Three New Malware Strains via Phishing Emails *

Six Unpatched Critical Flaws Detected in Remote Mouse Application *

Foxit Patches Remote Code Execution (RCE) Vulnerability in Foxit Reader *

Colonial Pipeline Suffers from Alleged Ransomware Attack *

Microsoft Edge Crashes while Playing YouTube *

Scammers Impersonate "SNL in Elon Musk" Show in a Cryptocurrency Scam *

VMware Patches Critical Flaw in vRealize Business for Cloud Virtual Appliance *

HP Enterprise Fixes Critical Bug In Edge Platform Tool *

New Windows Malware 'Pingback' Using ICMP for C2 Operations *

N3TW0RM Ransomware Targeting Israel-based Companies *

Alaska Court System Went Offline Amid Cyber Attack *

Critical 21Nails Exim bugs Affecting Vulnerable Linux Servers *

Network Solution and Register.com Reports DNS Outage *

Tesla Car Hacked Remotely using Drones *

Dell Fixes a 12-year-old Bug in DBUtil BIOS Driver *

Insight Global's Insider Threat Leaks COVID-19 Information *

Complexcodes is Selling Subscription based Commodity Malware "WeSteal" *

Chinese Attackers Hacked Russia's Largest Nuclear Submarine Designer *

A New Malspam Campaign Distributing Rust-based Buer Malware Variant *

Intel and AMD Chips are Vulnerable to Spectre Side-Channel Attacks *

Pulse Secure Addresses VPN Zero-Day Vulnerability *

LuckyMouse Targets Multiple Organizations via Sys-update Toolkit *

Critical IP Address Validation Vulnerability found in Python *

Mount Locker Ransomware Uses New Tricks to Evade Detection *

ISC Patches Several BIND Vulnerabilities in DNS Servers *

Researchers Expose a New Iranian State-Sponsored Ransomware Campaign *

SolarMarket RAT Uses Google SEO Tactics to Lure Victims *

First Horizon Bank Hacked; $1 Million Stolen *

2 iOS Zero-day Vulnerabilities fixed by Apple *

Chinese Hackers Attacking Military Organizations in South-East Asia *

Stealthy Backdoor Infecting Linux Systems *

FBI Shares 4 Million Emotet Botnet Stolen Email Addresses *

PHP Composer Bug Ends Up in a Widespread Supply-Chain Attacks *

Hotbit Cryptocurrency Exchange Down Post Cyberattack *

ParkMobile Stolen Customers Data Exposed Online *

Whistler Resort Municipality Suffers Ransomware Attack *

Microsoft Uncovered Critical Code Execution Bugs In IoT, OT Devices *

DigitalOcean Data Breach Exposes Customer Billing Information *

Brazil's Rio Grande Do Sul Court System Suffers Ransomware Attack *

Attackers are exploiting SonicWall Zero-day for Ransomware Attacks *

F5 Discloses KDC Spoofing Vulnerability in BIG-IP Consoles *

UnitingCare, Queensland Systems Taken Down *

UK Rail Network Merseyrail Hit by Lockbit Ransomware *

Google Patches Critical RCE Vulnerability in Chrome *

MangaDex Stolen Database Leaked Online *

NTLM Relay Attack Abuses Windows RPC Protocol Vulnerability *

Guilderland Central Schools Hit With Malware Attack *

Apple iCloud Mail Server Outage *

Fake Microsoft DirectX 12 Deploying Crypto-Stealing Malware *

D.C. Police Columbia Hacked; Ransom Demanded *

Oilfield Services Giant Gyrodata Discloses Data Breach *

Microsoft Teams Suffers Outage *

Attackers Spreading FluBot Malware via Android Devices *

Prometei Botnet Operators Exploiting Obscure Microsoft Exchange Servers *

New Cryptomining Malware Turning Vulnerable Windows, Linux Devices into Bots *

Hacker Leaks 20 million BigBasket's Data for Free *

Critical RCE Bug Reported in Homebrew Package Manager *

Hackers Exploiting PulseSecure to Deploy SUPERNOVA Malware *

Qlocker Malware Encrypting QNAP Devices Using 7zip *

Twitter Mistakenly Sends Spam Emails *

ToxicEye Trojan Abusing Telegram to Steal Data *

PasswordState is Latest Victim of Supply Chain Attack *

WhatsApp Pink Malware Auto Replies to Skype, Signal and other Messengers *

Exchange Online Down; Microsoft 365 Outage Affects Email Delivery *

Pareto Android Botnet Attacks Smart TV Ads *

1.3 Million Windows RDP Servers Login Credentials found in Hacker Forum *

Multiple Vulnerabilities in Google Chrome Patched *

Microsoft Partially Fixes Windows 7 and Server 2008 R2 Vulnerability *

Attackers Infecting Google Play Store via Fake Applications *

Eversource Energy Reported Data Breach *

Attackers Actively Exploiting 4 Pulse Secure Vulnerabilities *

Attackers Target Multiple Networks in a Supply Chain Attack Post Codecov's Data Breach *

Revil Gang Attempted to Extort Apple via Alleged Quanta Hack *

Zero-day Vulnerabilities Patched in SonicWall Email Security *

Remote Code Execution Vulnerabilities Discovered in Cosori Smart Air Fryer *

Malvertising Campaign "Tag Barnakle" Compromised 120 Ad Servers *

Attackers Hacking Android Devices Remotely via WhatsApp Flaws *

Lazarus APT Using BMP Images to Distribute Trojan *

Geico Suffers Data Breach; Policyholders' Driver's License Numbers Stolen *

Researchers Found Campaign Mimicking Microsoft Store, Spotify Sites, and Chess Application *

WordPress Patches XXE Flaw in PHP 8 *

Domino's India Database Hacked; 10 Lakh Credit Card Details Leaked *

Critical Remote Code Execution Vulnerability in Juniper Devices Discovered *

Attackers Exploiting Critical Flaw in Facebook's Live Videos Feature *

Multiple Vulnerabilities Reported in EtherNet/IP Stack for Industrial Systems *

Malware Spreading via Xcode Projects; Infecting Apple's M1-based Macs *

Attackers Stealing Credentials via Operation "Overtrap" *

Fortinet Discloses a New FormBook Variant *

Hackers Gained Access via Vulnerable VPN Device in Capcom Ransomware Attack *

Critical Zero-day Vulnerability Found in Desktop Window Manager (DWM) *

Swinburne University, Australia Suffers Data Breach *

Twitter Suffering Worldwide Outage *

Google Released Chrome 90 *

Cyberattack on The University of Hertfordshire, UK *

Tata Communications Data Breached via Route Mobile *

Over 100 Million Devices Vulnerable to DNS Vulnerabilities *

Attackers Tampering Popular App Stores to Distribute Malicious Apps *

Researchers Disclosing Second Chrome Zero-day Exploit *

SAP Fixes Critical Flaws in SAP Commerce, NetWeaver & Business Client *

Spying Android RAT "BRATA" Strikes Back *

New Phishing Campaign Delivering Fake Antivirus Billing Notices *

Malware hidden in Fake Browserify NPM package *

Adobe Fixes 10 Vulnerabilities in Multiple Products *

QBot Operators Using QBot & IcedID Malware as Final Payload *

Malicious Facebook Ads Dropping Malware on Systems *

Bakker Logistiek Suffers Ransomware Attack *

Microsoft Office 365 Phishing Campaign Evades Detection with Malicious Javascript Code *

10 Malicious Applications in App Gallery Infected with Joker Malware *

Microsoft Patch Tuesday Security Advisory - April 2021 *

New Malware "Saint Bot" Snatching User Passwords *

IcedID Malware Delivered via Contact Forms *

Swarmshop Hacked; Over 600,000 Stolen Records Exposed *

Pharmaceutical Giant "Pierre Fabre" Suffers REvil Ransomware Attack *

Multiple Gigaset Android Smartphones are Infected with Malware *

New Android Malware Auto-spreads to Devices using WhatsApp Auto-replies *

Lazarus Hacking Group Strikes Back with Vyveva Backdoor *

Rockwell Automation Addresses 9 Critical Vulnerabilities in FactoryTalk AssetCentre *

VISA Warns of Increasing Web Skimming Attacks *

LinkedIn Data Breach; 500 Million Users Data Posted On Dark Web *

Unpatched Fortinet VPN devices are exploited by Cring Ransomware *

Cisco Patches Cisco SD-WAN vManage Software Vulnerabilities *

Chinese Hackers Attacks Government & Military of Vietnam *

A New Spear-Phishing Campaign Deploying Malware Using Voice Changing Software *

Attackers Targeting Firms Using new Banking Trojan "Janeleiro" *

Hackers Deploying 'more_eggs' Malware via Fake LinkedIn Job Offers *

European Commission and EU Organizations Suffer Cyber Attack *

Booking.com Fined $560,000 by DPA *

VMware Fixes Critical RCE Flaw in Carbon Black Cloud Workload *

Data of Over 279 "Only Fans" Accounts Posted Online *

TU Dublin and National College of Ireland Suffers from Ransomware Attack *

Attackers Actively Exploiting Unpatched SAP Applications *

Hackers Exploiting Windows OS "BITS" Component *

$38M Worth of Gift Cards Sold by Cybercriminal on Russian Hacking Forum *

Outlook "Cannot send this item" Error Patched by Microsoft *

Clop Ransomware Gang Leaks Multiple Universities Sensitive Data Online *

Attackers are targeting Japan Industries with Multiple Backdoors *

Fake jQuery Plugin Deploying Malware on Systems *

Electronics Manufacturer "Asteelflash" Suffers REvil Ransomware Attack *

Brown University Suffers Cyberattack *

US DOJ Warns of Fake Covid-19 Vaccine Survey Phishing Campaign *

FBI and CISA Warns of Exploits Against Unpatched Fortinet FortiOS Servers *

Threat Actors Attempt to Extort Ubiquiti Post Data Breach *

Researchers Report Spike in Ransom DDoS Attacks *

Bogus Pen-Test Company "SecuriElite" Targeting Security Professionals *

Facebook Data Breach; 533 Million Users Data Exposed *

Citrix Addresses Multiple Vulnerabilities in Hypervisor *

SolarWinds Patches Four Vulnerabilities in Orion Platform *

Attackers Hacked PHP's Git Server to add Backdoors *

Malicious “System Update” Android Malware is Compromising Devices *

German Parliament Members Targeted by Spear-Phishing Attack *

BazarCall Malware Infecting Systems via Malicious Phone Calls *

New 5G Security Flaw allows Denial-of Service Attacks & Data Access *

Campaigns Spotted Targeting Gamers via Malware hidden in Game Cheats and Mods *

Fat Face Discloses Data Breach; Pays $2 Million Ransom *

VMware Fixes Two Critical Flaws in vRealize Operations Manager *

Harris Federation Hit by Ransomware Attack *

Slack Disables New Feature Amid Security Related Concerns *

npm Fixes a Critical Networking Vulnerability in "netmask" Library *

OpenSSL fixes Two High Severity Vulnerabilities *

Microsoft Patches Windows 10 Secure Boot Vulnerability *

Weintek Patches Remote Code Execution Flaws in its Product Range *

Evil Corporation Employs Hades Ransomware to Evade Detection *

Two Critical Vulnerabilities Patched in a WordPress Plugin *

FBI Warns of Mamba Ransomware *

Mobikwik Data Breach; Over 5 Million Users Data Exposed *

Threat Actors Exploiting Critical Flaws in GE's Universal Relay Products *

Apple Patches Webkit Browser Engine's Zero-day Vulnerability *

Backblaze Reports Data Breach; 9,245 Users' Metadata Exposed *

New Cloudflare's Page Shield Feature notifies Malicious JavaScript Dependencies *

Purple Fox Operators are Targeting Vulnerable Windows Systems *

Two Dozen Malicious Chrome Extensions are distributing Malware Globally *

Microsoft Patches Privilege Elevation Flaw in PSExec *

Multiple Security Vulnerabilities discovered in Cisco Jabber *

Adobe Fixes Critical Vulnerability in ColdFusion *

CISA and FBI warn about Phishing Attack spreading TrickBot Malware *

Colorado & Miami Universities Suffers Data Breach due to Vulnerable Accellion FTA Servers *

High Availability Server Manufacturer Stratus Suffers Ransomware Attack *

Shell Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers *

Attackers Exploiting Vulnerable Qualcomm Graphic Components on Android Devices *

CNA Insurance Firm Suffers Ransomware Attack; New Malware Family Used *

IoT maker "Sierra Wireless" Reports Ransomware Attack; Site Taken Offline *

Attackers are taking Control of Vulnerable Apache OFBiz ERP via RCE Vulnerability *

Phishing Campaigns Bypassing Secure Email Gateways *

Phishing Mails containing fake COVID-19 Relief Checks downloads Dridex Trojan *

Threat Actors Hacked Windows, iOS, Android Users via Zero-day Attacks *

Mirai Botnet Exploiting Critical Flaws in Network Security Devices *

MangaDex Taken Offline Post Cyberattack *

Black Kingdom Ransomware Exploits Zero-day Flaws in Microsoft Exchange Servers *

Road Ministry warns Multiple Indian Government Organizations post Cyber-Attack Threats *

Fake Telegram Desktop Application downloads AZORult Malware *

CISA releases CHIRP Tool for SolarWinds Malicious Activity Detection *

CopperStealer Malware is Hijacking Social Media Accounts *

DDoS-as-a-Service exploits Citrix Devices *

New Malware XcodeSpy Targets iOS & macOS Developers *

Acer Suffers Ransomware Attack; $50 million Ransom Demanded *

Zoom Screen-sharing Bug is exposing Sensitive Data to Unauthorized Users *

Post Microsoft Outage files are missing from SharePoint *

Phishing Campaign Targets US Taxpayers *

Pysa Ransomware is Targeting US & UK Educational Institutions *

Twitter Image can be abused to hide Malicious Files *

Hackers Exfiltrating Stolen Data via JPG Files *

Mimecast Says SolarWinds Hackers Accessed Some Source Code *

Ransomware Attack on Pune District Smart City Costs Project Operators 50 Million Dollars *

RTM & Quoter Ransomware are Targeting Russian Finance and Transport Organizations *

A Time Zone Bug Crashing iOS Clock Application *

Microsoft Releases Mitigation Tool for Exchange Servers Affected in ProxyLogon Hack *

WeLeakInfo Hacker Site Hacked *

Phishing Domains can now Detect Virtual Machines using JavaScript *

Blender Software Developer Reports Cyber Attack *

Researchers Discovered Nim based Malware Exploiting Devices *

Microsoft Suffers Outage; Multiple Services Affected *

Metamorfo Banking Trojan abuses AutoHotKey to steal User Information *

Threat Actors Exploiting Avira Antivirus to Deliver Banking Trojans via DLL Side Loading Attack *

New ZHtrap Botnet Malware is turning Infected Targets to Honeypots *

Three Privilege Escalation Vulnerabilities fixed in Linux Kernel *

Threat Actors Exploiting Linux based Systems with new RedXOR Malware *

A New Zero-day WordPress Vulnerability enables Site Takeover *

Google Patches Zero-day Vulnerability in Chrome *

Mozilla Addresses Linux Crashes, Apple Silicon Hangs in Firefox 86.0.1 *

Molson Coors Reports an Outage *

Windows 10 Emergency Updates fixes Printing Crashes *

Researchers Disclose New and Powerful Version of BADHATCH PoS Malware *

Spanish Government Labor Agency Suffers Ransomware Attack *

New DEARCRY Ransomware Exploiting Vulnerable Microsoft Exchange Servers *

OVH Data Center Reported Massive Outage *

Second Cyber Attack on Norway's Parliament *

Maryland Attorney Seizes 5th Domain Used in COVID-19 Vaccine Phishing Attacks *

Hackers Accessed Verkada's Live Surveillance Cameras *

iPhone Call Recorder App Exposes People's Conversations *

F5 BIG-IP issued patches for Critical Remote Code Execution Vulnerabilities *

Microsoft Discloses 3 New Malware Strains in SolarWinds Hack *

Microsoft Patch Tuesday Security Advisory - March 2021 *

GitHub Users were forcibly Signed out to patch a Security Bug *

9 Android Application on Google Play Store found to be distributing Malware Dropper *

Researchers Disclose Side-Channel Attacks on Vulnerable Intel CPUs *

Global Aviation Industry Tech Supplier "SITA" Suffers Massive Data Breach *

Apple Addresses Remote Code Execution Vulnerability in WebKit *

Adobe Patches Flaws in Creative Cloud, Connect & Frame-maker *

Researchers Disclose New Tor based Malware "gafgyt" *

New Sarbloh Ransomware Encrypting Victim Files through Political Agenda *

Flagster Bank Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers *

Google Chrome Blocks Port 554 as a Counter to NAT Slipstreaming Attacks *

European Banking Authorities Exchange Servers Hacked *

Microsoft Themed Phishing Attack Stealing User Credentials *

Over 15 Schools in UK Suffered Cyberattack *

Multiple Cisco Products Exposed to DoS Attack due to Snort Vulnerability *

Microsoft Releases a Tool for ProxyLogon Security Verification on Exchange Servers *

Microsoft Outlook Breached; Over 20,000 Organisations Affected Globally *

Supermicro, Pulse Secure Patches Vulnerabilities in BIOS & UEFI Products *

Attackers Hiding ObliqueRAT Trojan in Image Files via Steganography *

GRUB2 Patches Multiple High Severity Vulnerabilities in Boot Loader *

Over 6,700 VMware Servers Exposed post Exploit Code Release *

Hackers Deploying Malware on Compromised Websites via SEO Techniques *

Over 100 Italian Banks Targeted via Ursnif Trojan *

VMware Patches Remote Code Execution Vulnerability in View Planner *

Attackers Targeting Investors via BEC Campaigns *

CompuCom Suffers Malware Attack Leading to Service Outage *

Botnet Campaigns Abusing Bitcoin Blockchains & Deploying Skidmap Malware *

AOL Phishing Campaign Reported Stealing User Credentials *

Researchers Disocvered DoS Vulnerability in Eclipse Jetty *

Qualys Suffered Data Breach due to Zero-day Vulnerability in Accellion FTA Server *

PrismHR Suffers Massive Outage *

Malaysia Airlines Discloses a Data Breach *

Chinese Cybercriminals Exploiting 4 Zero-day Vulnerabilities in Microsoft Exchange *

Universal Health Services lost $67 Million by Ryuk Ransomware Attack *

Google Patches Zero-day Vulnerability in Chrome *

Dependency Confusion Vulnerability Exploited to steal Linux/Unix Password Files *

Ransomware Attack on Aviation Giant Bombardier *

Dutch e-Ticketing Platform Ticketcounter Suffers Data Breach *

Chinese Hackers Targeting Indian Power Grids & Seaports *

World's Leading Dairy Products Group Lactalis Hit by Cyber Attack *

Drive Corruption Vulnerability in Windows 10 *

LazyScripter Actors Target Airlines with Remote Access Trojans *

New Variant of Ryuk Ransomware Observed Self-propagating in Local Network *

Cisco Patches Critical Severity Authentication Bypass Vulnerability in Cisco ACI MSO *

Sequoia Capital Suffers Data Breach post a Failed BEC Attack *

FriarFox Browser Extension Targeting Tibetan Organizations *

Windows 10 BSOD Issues Resolved via Intel Wireless Driver Updates *

Online Dating Application Gaper Vulnerable to Multiple Critical Zero-day Flaws *

US Federal Reserve Suffers Massive Outage Nationwide *

Researchers Discloses Potential Code Injection Flaw in NodeJS Library "systeminformation" *

TD Bank Recovering from Systemwide Banking Outage *

XBOX Live Suffers Global Outage *

Accellion Vulnerability Exposes Pharmacy & Employee Data in Kroger Data Breach *

Keybase Patches a Bug that Exposes Deleted Sensitive Media to Attackers *

Threat Actors Deploying New Variants of MINEBRIDGE RAT via Word Documents *

Powerhouse Management Suffers from Large Scale DDoS Attacks *

WACUP Patches Several Bugs in Winamp Media Player *

Over 8 Million COVID-19 Test Results Leaked *

TietoEVRY IT Services Suffers Ransomware Attack *

Microsoft Begins Windows 10 21H1 Beta Testing *

VMware Patches Critical RCE Bug in vCenter *

Python Software Foundation Addresses Two Vulnerabilities *

US Shares Information on AppleJeus Malware *

LinkedIn Suffers Global Outage for Two Hours *

Fake Adobe Flashplayer Update Installs Adware Bundle *

Brave Browser's "Tor Mode" Leaks Onion Queries in DNS Traffic *

Certification Giant Underwriters Laboratories (UL) Suffers from Ransomware Attack *

Magecart Hackers Stealing Credit Card Information via Google Apps Script *

Attackers Targeting Apple's M1 Chip via Malicious Adware Extension *

Cuba Ransomware Triggers Data Breaches In US Cities & Agencies *

Dutch Research Council (NWO) Suffered Cyberattack *

RIPE NCC Suffers Credential Stuffing Attack *

OpenSSL Project Releases A New Patch For Three New Vulnerabilities *

VMware Patches Vulnerability in vSphere Replication Software *

Windows 10 Secure Boot Patch Exposes BitLocker Recovery Key *

Kia Motors USA Suffers Massive IT Outage *

EMSISOFT Exposes Internal Log Data Generated by their Test Products *

EXMO Cryptocurrency Exchange Suffers DDoS Attack *

Researchers Discloses Unpatched Vulnerabilities in SHAREit for Android OS *

Yandex Insider Threat Compromises 4887 Customer Accounts *

Telegram's "Super-Secret" Feature Exposes Self-Destructing Media Files to Attackers *

Siemens Patches Multiple Vulnerabilities in Virtualization Software *

PayPal Patches XSS Vulnerability in Currency Converter Feature *

Over 30 Mobile Health Apps Exposing Records of Millions of Users *

Fortinet Patches Multiple Vulnerabilities In SSL, VPN & Web Firewall Products *

Critical XSS Vulnerabilities Fixed In WordPress Plugin "NextGen Gallery" *

Windows Kernel Escalation of Privilege Zero Day Bug is Fixed in Microsoft Patch Tuesday *

CISA Warns of High-Severity Vulnerabilities in Fuji Electric Products *

Researchers Discloses Multiple Vulnerabilities in YouPHPTube and AVideo *

Dairy Farm Suffers REvil Ransomware Attack *

C-Level Executives Targeted via Phishing Attack *

Over 3 Million Cook County Court's Sensitive Data Records Exposed *

Mozilla Enhances Firefox Security Against Super Cookies & Disables Adobe Flash Support *

Microsoft Azure Function Vulnerable to Privileges Escalation & Docker Escape *

Apple Patched iOS, iPadOS & tvOS Multiple Vulnerabilities *

Law Enforcement Agencies around the Globe takes Down Emotet Ransomware Gang *

Oscorp - Credential Stealing Android Malware *

Lebanese Cedar APT Targeted Telecoms, Hosting, ISPs Worldwide *

North Korean Hackers Attacking Security Researchers *

Cisco Discloses Multiple Vulnerabilities in Small Business Routers *

Researchers Discloses Critical Vulnerabilities in F5 BIG-IP Products *

Well-known Religious Services "The Temple" Suffers a DoS Attack *

Linux Systems Under Attack via FreakOut Malware *

QNAP Warns Users of Dovecat Crypto Miner Malware *

Microsoft Discloses Methods used by SolarWinds Hacker Group to Avoid Detection *

1.9 Million Pixlr Users Stolen Data Available on Free Forums *

Adult Social Media Platform Fleek Leaking Users Explicit Data *

4.1 Million AnyVan Users Data Compromised via Data Breach *

VLC Media Player Patches Several Remote Code Execution Vulnerabilities *

Cisco Fixes PreAuth Remote Code Execution Vulnerabilities *

Crypto Exchange LiveCoin Shutting Down Post Cyber Attack *

Microsoft Enabling Full Automation Support for Microsoft Defender AV *

Cisco Fixes Windows DLL Injection Vulnerability in Cisco AnyConnect Secure Mobility Client *

Raindrop Malware Observed in SolarWinds Hack *

FireEye Releases Tool to Detect SolarWinds Hack Techniques *

SolarWinds Malware "Raindrop" Hiding in Modified 7Zip Source Code *

Oracle Releases Quarterly Critical Patches *

Multiple Twitter Accounts Hacked in "Elon Musk" Crypto Scam *

Malwarebytes Breached by SolarWinds Threat Actors *

Apple Removes Vulnerable MacOS Features in MacOS 11.2 Beta 2 *

Cybercriminals Blunder Exposes Stolen Credentials in Plain Sight *

Threat Actors Bypassing Two-Factor Authentication for Several Cloud Services Accounts *

Microsoft Patches Zero Day Vulnerability in Defender Antivirus *

Google Bans 164 Offending Android Applications from Play Store *

Mozilla Releases Security Updates for Thunderbird *

Scammers Blackmailing Coinmama Users via Porn Backlinks *

Windows 10 Bug Corrupts Hard Drive via Single Line Command *

NSA Urges Organizations Not to Use Third Party DNS Resolvers *

Bitdefender Releasing Free Decryptor for DarkSide Ransomware Victims *

Scottish Environment Protection Agency (SEPA) Suffering Conti Ransomware Attack *

Microsoft Announces Windows Zerologon Flaw ‘Enforcement Mode’ *

Threat Actors Compromising Mimecast's SSL Certificates *

Researchers Exposes United Nations Data Breach *

Linux Mint OS Patches ScreenSaver Bypass Vulnerability *

UK's Nohow International Cloud Data Breached *

Threat Actors Exploiting Windows "Finger Command" via Phishing Campaign *

Large Scale Data Breaches Targeting Russian Federation in Year 2020 *

Over 390,000 Users Data Compromised in Capcom Data Breach *

DoS Vulnerability in RockWell Automation RSLinx Classic Software *

Breached COVID-19 Vaccine Data Leaked Online via Hacker Forums *

Fake Trump Scandal Video Distributing QNode Malware *

SolarWinds Threat Actors Accessing Department of Justice's Email Servers *

FBI Warns Organizations on Egregor Ransomware *

Pysa Ransomware Hits Hackney Council & Leaked Data Up for Sale *

FIN7 Hacking Group Leveraging JSSLoader Malware *

Indian Government Websites Leaking COVID-19 Patient's Test Results *

Earth Wendigo Campaign Exfiltrating Emails via JavaScript Backdoor *

British Airways Plans £3bn Breach Settlement *

North Korean Hacking Group Supply Chain Attack Targeting Stock Investors *

Multiple Vulnerabilities in Fortinet FortiWeb WAF Leading to Arbitrary Code Execution *

Phone and Email Scammers Impersonating as ACSC *

Ransomware Attack Knocks Out Funke Media Group *

ElectroRAT Malware Drains Funds from 6,500 Digital Wallets *

Lake Regional Healthcare Suffers Ransomware Attack *

NameSouth's Data Breached by NetWalker Ransomware Group *

Sabre Corporation's 2017 Data Breach LawSuit Verdict *

Microsoft’s Windows Core Polaris Leaked Online *

10,000 American Express Credit Card Holder's Data Breached *

Vodafone's ho. Mobile Suffers Data Breach Impacting 2.5m User Records *

Hackers Launch Swatting Attacks by Exploiting Smart Home Devices *

SolarWinds Supply Chain Attack Led Hackers Access to Microsoft Source Code *

Secret Backdoor Account Detected in Several Zyxel Firewall & VPN Products *

CISA Releases Sparrow.ps1 Tool for Azure/M365 *

Japanese Aerospace Firm Kawasaki Warns of Data Breach *

Japanese Game Developer Koei Tecmo Suffers Data Breach *

FreePBX Developer Sangoma Technologies Hit by Conti Ransomware *

Authentication Bypass Vulnerability in SolarWinds Orion API *

Whirlpool Hit by Nefilim Ransomware Attack *

Adobe Flash Player Reaches End-Of-Life (EOL) *

Phishing Campaign Using Chase Banking Security Notice Emails *

Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability *

Smart Doorbell Devices Easily targeted by Hackers *

Cybercriminal's Bulletproof VPN Service Shuts Down *

Authentication Bypass Vulnerability in Bouncy Castle *

Chinese APT Group Operation StealthyTrident *

Critical Security Vulnerabilities Reported in Dell Wyse Thin Clients *

Ransomware Threat Actors Using 'SystemBC' Malware as Backdoor *

QNAP Fixes High Severity Vulnerabilities in NAS Devices *

CrowdStrike Launches Reporting Tool to Audit Azure AD Permissions *

Chinese Mobile Giant Xiaomi Recording Millions of Users Private Web & Phone Usage *

Al Jazeera Journalists Targeted via Pegasus Spyware *

VMware Vulnerability Exploited in SolarWinds Supply Chain Attack *

Credential Stealer Malware Targeting Financial Institutions *

Clop Ransomware Attack Detected on Symrise *

Microsoft Defender Blocking Known Malicious SolarWinds Binaries *

Mozilla Releases Security Fixes for Multiple Security Vulnerabilities *

Sextortion Campaign Targeting iOS, Android Users via Goontact Spyware *

New Windows Trojan Steals Browser Credentials, Outlook Files *

5G Network Architecture Multiple Vulnerabilities Discovered *

Contact Form 7 WordPress Plugin Emergency Patch Released *

MoleRats APT Variant Stealing Sensitive Data *

Unauthenticated Command Injection Flaw Exposes D-Link VPN Routers to Attacks *

Iranian Rana Android Malware Snooping on Instant Messenging Platforms *

Samsung Fixes Critical Android Bugs *

Adobe Releases Security Updates *

COVID-19 Vaccine Data Leaked *

Ransomware Attack on Netgain Technologies *

70 Lakh Indian Cardholders Data Leaked on Dark Web *

FireEye's Red Team Security Testing and Assessment Tools Stolen by State-Sponsored Hackers *

Microsoft Patch Tuesday Security Advisory - December 2020 *

Ransomware Attack on Television Production Company - Banijay Group SAS *

Maze Ransomware Attack on Canon *

DeathStalker APT Group Offers Hack For Hire Service *

Security Researchers Accidentally Discovers Windows Zero-Day *

Bandook Malware Targeting Multiple Sectors *

Windows 10 20H2 Update Fixes Broken In-Place Upgrade Feature *

Microsoft Office Products Non-Security Updates November 2020 *

Advanced Persistent Threat Attack Targeting U.S. Think Tank *

Huntsville City Schools District Shut Down by Ransomware Attack *

Ryuk Ransomware Attacks K12 Online School Platform *

Malicious npm Packages Installing Remote Access Trojans *

IoT Chip Maker Advantech Hit by Conti Ransomware *

Gootkit Malware Returns with REvil Ransomware *

New CursedGrabber Malware *

Delaware County Hit by DoppelPaymer Ransomware Attack *

Hackers Targeting COVID Vaccine Maker AstraZeneca *

Data Breach Attack on Peatix Events Management Organization Inbox *

LidarPhone Attack Converts Smart Vacuums into Microphones *

Mercy Iowa City Hospital Data Breach *

Over 300K Spotify Accounts Hacked *

Industrial Control System Vendors Warn of Critical Bugs *

Cisco Webex Ghost Flaw *

Chinese Sponsored Cyber Criminal Group Attacking Japan-Linked Organizations *

Cisco Webex Meetings API Cross-Site Scripting Vulnerability *

Mozilla Released Firefox 83 *

Unprotected Database Exposed a Scam Targeting 100K+ Facebook Accounts *

Mount Locker Ransomware Targeting TurboTax files *

Chinese APT Group FunnyDream *

Supply-Chain Attack Distributing Malware in South Korea *

APT 'Hackers For Hire' Target Financial, Entertainment Firms *

Multiple Vulnerabilities in Cisco Security Manager Software *

New Phishing Campaign Delivering Jupyter Malware *

Image Inversion Technique to Bypass Office 365 *

Critical Vulnerabilities Discovered in World's Largest Android TV Manufacturer *

E-Shops Running Vulnerable Version of Magento *

Source Code of Cobalt Strike Toolkit Shared Online *

Critical Remote Code Execution Vulnerability in Oracle WebLogic Server *

Animal Jam Kids Virtual Playground Suffered Data Breach *

Security Vulnerabilities in Unity Orchestrator SD-WAN *

High Severity Security Vulnerability in Cisco’s IOS XR Software *

Chrome Zero-day Vulnerabilities *

Australian Government Warns Healthcare Sector against Ransomware Attack *

Mozilla Releases Security Updates *

xHunt Hackers Attacking Exchange Servers *

Ransomware Attack on Blackbaud Cloud Software Provider *

Ransomware Hits E-Commerce Software Platform X-Cart *

Ubuntu GNOME Display Manager Vulnerability allows Root Access *

Ransomware Attack on Australian Media Monitoring Company *

Scammers Impersonating IRS for Payment Fraud *

Adobe Releases Security Updates *

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug *

Microsoft Teams ‘Fake Updates’ Malware Campaign *

Critical Security Updates for Multiple Intel Products *

Ghimob Banking Trojan *

Ransomware Attack on Italian Liquor Brand - Campari *

Microsoft Patch Tuesday - November 2020 *

Pay2Key Ransomware *

True Social Network App Exposed *

Critical Security Flaws in SaltStack IT Infra Management Solution *

Phishing Attacks on Russian Industrial Enterprises *

Cisco AnyConnect Arbitrary Code Execution Vulnerability *

Multiple Vulnerabilities in Google Android OS *

Multiple Vulnerabilities in Adobe *

Folksam Data Breach *

Bigbasket Suffers Data Breach - Data of 2 Crore Users Now On Sale In Dark Web *

Apple Fixes Three iOS Zero-Days *

Capcom Hit by Ragnar Locker Ransomware *

Dridex Botnet Stealing Banking Credentials *

VMware Multiple Security Updates *

Second Hand USB Drives Expose Sensitive Information of Previous Owners *

New Google Drive Phishing Campaign *

Cyberattack on Vermont Health Network *

Alibaba's Online Store RedMart Suffers Data Breach *

Bank Phone Numbers are being Spoofed to Rob Victims *

Windows Zero-Day Exploit Publicly Disclosed *

Nitro Software Massive Data Breach *

Cryptocurrency Service 'Harvest Finance' Hacked - $24 Million Stolen *

New Delivery Method of Emotet has been discovered *

Cyberattacks Hit Schools & Colleges *

Patients in Finland Blackmailed *

KashmirBlack Botnet *

Multiple Vulnerabilities in Fujitsu M12 Servers *

IT Service Provider Sopra Steria Hit by Ryuk Ransomware *

High Severity NVIDIA GeForce Experience Vulnerabilities Patched *

SQL Injection Vulnerability in Rapid7 Nexpose *

Information Disclosure Vulnerability in Linux Kernel *

Multiple Security Vulnerabilities Identified in WAGO’s Cloud Connectivity Controllers *

Browser Locker Scam Campaigns *

VMware Multiple Security Updates *

Zero-Click Vulnerabilities Identified in the Linux Bluetooth Software Stack *

Browser Address Bar Spoofing Vulnerabilities in Multiple Mobile Browsers *

Multiple Vulnerabilities in HP's Intelligent Management Center (IMC) Software *

High Severity Router Vulnerability in Cisco IOS XR Software *

Google Chrome Browser Multiple Security Updates *

GravityRAT *

Rise in QR Code Related Scams *

Latest Release of Chrome and Edge Generating Random Log Files *

Multiple Vulnerabilities in Magento CMS *

Multiple Vulnerabilities in SonicWALL Sonic OS *

Multiple Vulnerabilities in F2FS Toolset *

Juniper Networks Releases Security Updates *

Silent Librarian APT *

Clips from Exposed Home Security Cameras Posted Online *

Microsoft Disrupts TrickBot Malware Network *

Double Extortion Ransomware Attack on Software AG *

Denial-of-Service Vulnerabilities in Allen-Bradley Flex I/O System *

Adobe Flash Player Application Critical Patch Update *

Microsoft Patch Tuesday - October 2020 *

Microsoft Patches Critical Remote Code Execution Vulnerabilities *

Information Disclosure Vulnerability in Apache Tomcat *

Fitbit Spyware Watch Face *

MontysThree Malware Used In Targeted Industrial Espionage Attacks *

Critical Flaws Found In QNAP Helpdesk Leading To Device Takeover *

New Cryptojacking Variant : Black-T *

Vulnerability in Apple's T2 Mac Security Chips *

Google Releases Patches for 50 Android System's Vulnerabilities *

Trump's Health Email phishing Campaign Delivering BazarLoader Trojan *

Cisco Patches Multiple Vulnerabilities *

BAHAMUT : Hack For Hire Service *

Flaws In Top Antivirus Softwares Leading to Privilege Escalation *

Facebook Disables Chinese-Sponsored SilentFade Malware Campaign *

HEH Botnet *

APT Attack Injects Malware into Windows Error Reporting *

COVID-19 Clinical Trial Hit by Ransomware *

Multiple Vulnerabilities in Google Chrome Web Browser *

Iranian hackers are exploiting the Zerologon vulnerability *

Indian State Government Massive Data Breach *

MosaicRegressor Malware Framework UEFI Firmware Bootkit *

DDoS Attacks by Ransomware Attacker Groups *

XDSpy APT Group *

Backdoors in Microsoft 365 & Azure Active Directory using AADInternals PowerShell Module *

Raccine Ransomware Vaccine *

Microsoft Office 365 OAuth Access Token Phishing *

Egregor Ransomware *

InterPlanetary Storm Botnet Infects 13K Mac and Android Devices *

Multiple Security Vulnerabilities in Wireshark Packet Analyzer *

Palmerworm Espionage Campaign *

Swatch Shuts Down IT Systems to Stop Cyberattack *

Operation Sidecopy Launches Attack on Defense Forces in India *

Microsoft Removed 18 Azure AD Applications *

Microsoft Windows XP Source Code Leaked Online *

Multiple Vulnerabilities in Apple Products *

247K Microsoft Exchange Servers Vulnerable for RCE *

A Bug in Windows Server 2016 *

Magento Credit Card Stealing Malware *

Federal Agency Hit by Cyber Attack *

Chalubo DDoS Botnet Targeting Unsecured SSH Servers *

UHS hospitals Hit By Ransomware Attack *

Phishing Campaign stating End of Support for Windows 7 *

Microsoft Office 365 Outage Reported in USA & Australia *

Joker Trojan *

Taurus Malicious Ad Campaign *

Cisco Patches Multiple Security Bugs *

APT-C-43 Steals Military Secrets *

Microsoft Outlook Squatting Campaign *

MoDi RAT *

Heap Buffer Overflow Vulnerability in Instagram *

Mozilla Firefox 81 Released *

Automated MEOW Attack *

RansomExx Ransomware Attack on Tyler Technologies *

Phishing Campaign Targets AT&T Global Employees *

TinyCryptor Ransomware *

Multiple Security Vulnerabilities in Google Chrome Web Browser *

Mozilla Bug - Hijacking Firefox Android Browsers *

Maze Attackers adopt Ragnar Locker VM technique *

Chinese Hackers Targeting U.S. Agencies *

Multiple Vulnerabilities in Apple Safari *

ZShlayer Malware *

APT41 Chinese Hacking Group *

Phishing Scam using Security Awareness Training Emails *

MrbMiner Malware *

MFA Bypass Vulnerability in Microsoft 365 *

Prometei Multi-Modular Botnet *

Emotet Malware New Spamming Campaign *

Lemon Duck Cryptominer *

Qakbot malware *

Trojan Glupteba

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers

Publish Date: 2021-12-03

Description

The BlackByte ransomware group is now infiltrating corporate networks by exploiting the Proxy Shell vulnerabilities that are patched y Microsoft during April and May 2021 to install web shells, coin miners, and ransomware on compromised Microsoft Exchange servers. Web Shells are short scripts that enable a threat actor to maintain persistence on a device and remotely execute commands or upload additional files to the server by uploading them to a web server. Proxy Shell is the name given to a group of three Microsoft Exchange vulnerabilities that, when chained together, allow unauthenticated, remote code execution on the server. The planted web shells are meant to drop a Cobalt Strike beacon on the server, which is then injected into the Windows Update Agent process and used to leak credentials for a compromised system's service account. Finally, the attackers install the Any Desk remote access tool and go on to the lateral movement stage after getting control of the account. When performing ransomware attacks, threat actors typically use third-party technologies to gain elevated privileges or deliver malware on a network. The BlackByte ransomware executable, on the other hand, is critical in this scenario because it controls both privilege escalation and the ability to worm or move around in the compromised environment. The malware modifies three registry settings: one for local privilege elevation, one for enabling network connection sharing between all privilege levels, and one for allowing long path values for file paths, names, and namespaces. To avoid last-minute interception, the malware deletes the "Raccine Rules Updater" scheduled task and wipes shadow copies directly through WMI objects before encryption using an obfuscated PowerShell command. Finally, the malware archives file with WinRAR and exfiltrate them through anonymous file-sharing platforms such as file.io or anonymfiles.com.

CVE-IDs
CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207

Affected Platform(s) / Version(s)
Exchange Servers

Distribution Method
Proxy Shell Vulnerabilities

Attack Type
Vulnerability Exploitation, and Ransomware Attack

Attack Source
Malicious Web shells

Region
Global

Affected Business(s)
Multiple Sectors

Recommendations
- Security administrators should block the IoCs on all applicable security solutions.
- Security administrators are strongly recommended to apply patches for Proxy Shell vulnerabilities, as soon as possible, after appropriate testing.
- To determine if the Microsoft servers have been scanned for these vulnerabilities, Security administrators must check Microsoft IIS logs for the "/autodiscover/autodiscover.json" or "/mapi/nspi/" strings.
- Security administrators should make sure that all applications, databases, servers, and network devices are periodically hardened and are adequately configured.
- Users should not download suspicious applications, attachments received over the internet and are alert to social engineering and phishing attacks.
- Use application whitelisting to allow only approved programs to run on the systems and use Multi-Factor Authentication (MFA) wherever possible.
- Security administrators should regularly take Backup of the applications, databases, and critical operating system data.
- Security administrators should apply the Principle of Least Privilege to all systems and services.
- Keep AV signatures, operating systems, and third-party applications up to date on all systems, mobile devices, and servers.

References
- https://redcanary.com/blog/blackbyte-ransomware/
- https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware/

IOC FILE: IoCs_BlackByte_Ransomware.xlsx

Malicious Websites Exploit SEO Poisoning to Spread Malware

Zscaler ThreatLabz researchers have uncovered a surge in fraudulent websites hosted on popular web hosting and blogging platforms, part of an elaborate strategy to spread malware t...

Published Date: 2024-04-26

FTC Announces $5.6 Million Refunds to Ring Users Over Privacy and Security Issues

The Federal Trade Commission (FTC) has announced that it will distribute $5.6 million in refunds to Ring users affected by privacy and security issues. The refunds come as part of ...

Published Date: 2024-04-26

North Korea-Linked Lazarus Group Unveils Complex Attack Chain Targeting Asia

In the summer of 2023, the Lazarus Group, a threat actor linked to North Korea, employed its well-known fabricated job lures to deliver a new remote access trojan (RAT) named Kaoli...

Published Date: 2024-04-26

Back

Home

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers

Download PDF

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers

This website uses COOKIES in order to offer you the most relevant information. Please accept cookies for optimal performance.

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers

Publish Date: 2021-12-03

Description

Protect your Data and Brand Value from Data Breaches!

Infoshare-Varutra provide security services at an affordable price!

Reach Us: contact@infosharesystems.com

Related Posts

Malicious Websites Exploit SEO Poisoning to Spread Malware

FTC Announces $5.6 Million Refunds to Ring Users Over Privacy and Security Issues

North Korea-Linked Lazarus Group Unveils Complex Attack Chain Targeting Asia

Share Post

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers

Download PDF

BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers