The U.S. Congress has disclosed the findings of an investigation, which reveals that the majority of major automakers transmit driver location data to law enforcement without a court order, despite public assurances to refrain...
Recently, cybersecurity experts at FortiGuard Labs discovered a previously unseen botnet network named Goldoon, targeting D-Link routers via the CVE-2015-2051 vulnerability, which has been known for nearly a decade. This vulnerability, rated nearly at...
A critical flaw in the GitLab system, which allows the interception and control of user accounts, was recently added to the CISA catalog of known exploitable vulnerabilities. This issue, identified as CVE-2023-7028 and rated...
Verizon’s annual Data Breach Investigations Report reveals a disturbing trend in cybersecurity: the use of vulnerabilities as an initial breach point has nearly tripled compared to last year, now accounting for 14% of all...
A new type of malware named “Cuttlefish” has been discovered in routers within major enterprises and small offices, monitoring all information passing through the infected devices and stealing credentials. Black Lotus Labs reports that...
The developers of the ZLoader malware, which recently resumed its activity after a two-year hiatus, have incorporated a range of new features inspired by the banking trojan Zeus. Santiago Vicente, a researcher from Zscaler,...
Aleksanteri Kivimäki, a 26-year-old hacker, has been sentenced to six years’ imprisonment. Local media reported this, citing a court decision related to the breach of the private psychotherapeutic center Vastaamo in Helsinki. The court...
Google has substantially increased the rewards for reporting vulnerabilities that allow successful remote code execution (RCE) in Android applications, raising the maximum cash payout for exceptional reports to $450,000. The updates pertain to the...
A former NSA employee has been sentenced to 21 years and 10 months in prison for attempting espionage on behalf of a foreign state. FBI Director Christopher Wray stated that this sentence should serve...
Specialists at QAX XLab have identified a new type of Android malware—a backdoor named Wpeeper, which is disseminated through APK files from unofficial app stores posing as the popular alternative marketplace Uptodown. Wpeeper is...
Over the past several years, Docker Hub, a platform for hosting software repositories, has been targeted by three major fraudulent campaigns. Researchers from JFrog identified that approximately 20% of the 15 million hosted repositories...
Malefactors have adopted a new strategy to disseminate the malicious software Latrodectus through phishing campaigns, cleverly disguising it as notifications from Microsoft Azure and Cloudflare. This method significantly complicates the task for email security...
Recently, Google announced significant efforts to enhance the security of its Play Store for Android. Last year, the company rejected or demanded corrections for approximately 200,000 applications that attempted to access users’ sensitive data,...
The Federal Communications Commission (FCC) has fined the largest American telecommunications companies nearly $200 million for disseminating customer location data without their consent. Penalties were imposed on AT&T, Sprint, T-Mobile, and Verizon after Notices...
The Canadian pharmacy chain London Drugs has closed all its retail stores following the discovery of a cybersecurity incident. The event, which affected the company’s systems, occurred on April 28. In response, the company...
A critical vulnerability has been discovered in the R programming language, potentially exposing organizations using this popular open-source language to software supply chain attacks. The vulnerability, designated CVE-2024-27322, has been rated 8.8 out of...
