Developers of Linux are actively engaged in rectifying a critical vulnerability, which under certain conditions allows malicious actors to install malware at the firmware level of the motherboard. Such infections, also known as “bootkits,”...
Between November and December 2023, the hacking collective known as ResumeLooters purloined over two million email addresses and other personal data from 65 websites, primarily targeting job search platforms. The malefactors focused their efforts...
In its recent report, Google spotlighted the activities of various firms engaged in the development of spyware programs, urging the United States and its allies to intensify their efforts against the cyber espionage industry....
Hewlett Packard Enterprise (HPE) is investigating a potential breach following online claims regarding the sale of stolen HPE credentials and other confidential company information. The HPE investigation revealed that the data was sourced from...
According to a joint report by human rights organizations Access Now and Citizen Lab, the telephones of 35 journalists, activists, human rights defenders, and civil society representatives in Jordan were targeted with the Pegasus...
The widespread exploitation of a vulnerability in Ivanti Connect Secure and Policy Secure servers, identified as CVE-2024-21893, is raising alarms among cybersecurity professionals. This grave flaw, affecting software versions 9.x and 22.x, enables malefactors...
Clorox, an American manufacturer of household chemicals and professional cleaning agents, was subjected to an extortion attack during the summer, resulting in significant disruptions in supplies and order processing. The incident occurred on August...
The company Snyk has identified four vulnerabilities in virtualization systems collectively dubbed Leaky Vessels. These flaws enable malefactors to breach the confines of isolated containers and access data on the host operating system. Containers...
Interpol announced that during an international operation, law enforcement agencies apprehended 31 suspected cybercriminals and identified over 1,300 malicious servers used for conducting phishing attacks and disseminating malware. According to Interpol’s statement, Operation Synergia,...
Cloudflare recently unveiled details of an incident in which state-sponsored spies are believed to have gained access to Atlassian’s internal system using credentials stolen during a security breach at Okta in October. According to...
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning to American organizations regarding the escalating threat of cyberattacks targeting small office/home office (SOHO) routers. Particular...
Several days ago, researchers at Aqua Security published a report on the updated version of the malicious program HeadCrab, which has been targeting Redis database servers globally since September 2021. The emergence of this...
The Tor Project’s development team has released a report detailing the findings of a second audit conducted by Radically Open Security from April to August 2023. This examination scrutinized the code for operating exit...
In a recent report by Trend Micro, the cybercriminal group known as Pawn Storm, engaged in hacking operations targeting key global organizations since 2004, is detailed. Despite the seemingly outdated nature of their methods,...
In Italy, cybercriminal activity known as UNC4990, which employs infected USB devices to launch attacks across various sectors including healthcare, transportation, construction, and logistics, was reported by Mandiant on January 30. Active since late...
For several months, an exceptionally sensitive trove of data belonging to Binance lingered in a public GitHub repository. As revealed by 404 Media, this dataset encompassed codes, infrastructure blueprints, internal passwords, and other technical...
