Information Security News Blog
A hacker breached the website of the spyware application pcTattletale, which was found to be installed on registration systems of several Wyndham hotel chain locations in the United States. The attacker posted offensive content...
A massive data breach in India has exposed the biometric data of millions of citizens. An unsecured database containing fingerprints and facial scans of police, military personnel, and civilians was discovered during the general...
Cybercriminals are using the Python code of Microsoft’s legendary game “Minesweeper” to conceal malicious scripts in attacks on financial and insurance organizations in Ukraine. This was reported by the research agencies CERT-UA and CSIRT-NBU,...
A new malicious program, GhostHook v1.0, is rapidly spreading on a cybercriminal forum. This innovative fileless malware for browsers, developed by the hacker group Native-One, is distinguished by its unique distribution methods and versatility,...
A new type of malicious software targeting ATMs is rapidly spreading in the digital realm, remarkable for its effectiveness — its success rate, according to its creators, reaches 99%. This malware, named “EU ATM...
Cybercriminals are employing fake websites mimicking those of Avast, Bitdefender, and Malwarebytes to distribute information stealers for Android and Windows. Specialists at Trellix detailed this new campaign in their report. Trellix identified a list...
MITRE Corporation reported a cyberattack on their nonprofit organization in late December 2023. The attackers exploited zero-day vulnerabilities in Ivanti Connect Secure (ICS) to create counterfeit VMware virtual machines. The perpetrators accessed the vCenter...
New cyber threats often result from the evolution and modification of existing malware. Recent research has revealed that the new malware BLOODALCHEMY, used in attacks on government organizations in South and Southeast Asia, is...
GitLab has released updates for its current product line, addressing a vulnerability that allows unauthenticated attackers to hijack user accounts via XSS attacks. “Today we are releasing versions 17.0.1, 16.11.3, and 16.10.6 for GitLab...
In early 2021, an access control flaw in Apache Flink was rectified, which has now been added to the CISA KEV catalog. This signifies that cybercriminals are actively exploiting the vulnerability to compromise targets....
Earlier reports suggested that Google might change its strategy next year by switching the foundry for the Tensor G5 used in the Pixel 10 series to TSMC’s 3nm process, aligning its manufacturing capabilities with...
The Chinese hacker group Sharp Panda, known for its cyber espionage campaigns, has begun targeting government organizations in Africa and the Caribbean. This was reported by experts from Check Point in their recent report....