Recently, hackers have increasingly employed DNS tunneling to monitor when victims open phishing emails and click on malicious links, as well as to scan networks for vulnerabilities. DNS tunneling involves encoding data or commands...
Since April of this year, millions of phishing emails have been sent through the Phorpiex botnet as part of a large-scale campaign employing LockBit Black ransomware. This warning comes from the New Jersey Cybersecurity...
On May 6, the Cybernews research team discovered an enormous dataset on the internet containing personal information exclusively of Chinese citizens. The volume of data has already exceeded 1.2 billion records and continues to...
Security researchers from Phylum have discovered a malicious package in the popular PyPI repository, masquerading as the well-known library “requests,” but posing a significant threat to the entire developer community. The package, named “requests-darwin-lite,”...
The malicious actor known as IntelBroker claims to have stolen confidential documents from Europol’s Europol Platform for Experts (EPE). Europol has confirmed the breach of the EPE portal, designed for knowledge and methodology exchange...
eSentire has reported a new wave of attacks by the FIN7 hacker group, which has disguised itself as well-known brands to distribute malware. The attacks targeted users who clicked on fake ads in Google,...
According to a joint report by the FBI and CISA, affiliates of the Black Basta group attacked over 500 organizations from April 2022 to May 2024. The group also encrypted and stole data from...
Google has issued an urgent security update for its Chrome browser to address a high-severity “out of bounds write” vulnerability in its V8 JavaScript engine, tracked as CVE-2024-4761. This vulnerability has been confirmed as...
The North Korean hacker group Kimsuky employs sophisticated cyber espionage techniques, including the use of social networks and system management tools, according to a recent report by the South Korean company Genians. Kimsuky actively...
The head of WPP, the world’s largest advertising group, fell victim to a sophisticated fraud involving deepfake technology, including the cloning of voices through artificial intelligence. CEO Mark Read alerted the leadership in an...
Sysdig specialists have uncovered a novel attack scheme where stolen cloud service credentials are utilized to access cloud-based LLM (Large Language Model) services, aiming to resell access to other cybercriminals. This discovered attack, dubbed...
Citrix has issued a warning to its clients regarding the need for manual mitigation of a vulnerability in the SSH client PuTTY, which could allow malicious actors to steal the SSH private key of...
Dell has confirmed a data breach affecting approximately 49 million customers who have purchased its products since 2017. The incident involved Dell’s portal where customer purchase information was stored. The leaked data includes names,...
Recent vulnerabilities in Ivanti Connect Secure devices have enabled attackers to deploy the Mirai botnet, according to security researchers from Juniper. These vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, are currently being actively exploited. The...
Over the past three years, the fraudulent network BogusBazaar has processed over a million orders on fake online platforms, with a total transaction volume exceeding $50 million, as reported by SRLabs in their recent...
A year following the notorious cyberattack by the Clop group, during which hundreds of companies suffered data breaches, the University System of Georgia (USG), which comprises 26 public colleges and universities in the USA,...
