GitHub Copilot update stops AI model from revealing secrets
GitHub has updated the AI model of Copilot, a programming assistant that generates real-time source code and function recommendations in...
News
Hackers start using Havoc post-exploitation framework in attacks
Security researchers are seeing threat actors switching to a new and open-source command and control (C2) framework known as Havoc...
Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops
Citrix Systems has released security updates for vulnerabilities in its Virtual Apps and Desktops, and Workspace Apps products. The addressed...
Russian hacker convicted of $90 million hack-to-trade charges
Russian national Vladislav Klyushin was found guilty of participating in a global scheme that involved hacking into U.S. computer networks...
North Korea’s APT37 Targeting Southern Counterpart with New M2RAT Malware
The North Korea-linked threat actor tracked as APT37 has been linked to a piece of new malware dubbed M2RAT in...
Webinar — A MythBusting Special: 9 Myths about File-based Threats
Bad actors love to deliver threats in files. Persistent and persuasive messages convince unsuspecting victims to accept and open files...
Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a...
Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps
In an ideal world, security and development teams would be working together in perfect harmony. But we live in a...
Experts Warn of ‘Beep’ – A New Evasive Malware That Can Fly Under the Radar
Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and...
Devs targeted by W4SP Stealer malware in malicious PyPi packages
Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from...
Microsoft WinGet package manager failing from expired SSL certificate
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired. Released in May...
The Week in Ransomware – February 10th 2023 – Clop’s Back
From ongoing attacks targeting ESXi servers to sanctions on Conti/TrickBot members, it has been quite a busy week regarding ransomware....
NameCheap’s email hacked to send Metamask, DHL phishing emails
Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that...
Lazarus hackers use new mixer to hide $100 million in stolen crypto
North Korean hackers have found a way around U.S.-imposed sanctions to launder the cryptocurrency proceeds from their heists, according to...
FTC: $1.3 billion lost by 70,000 Americans to romance scams last year
The U.S. Federal Trade Commission (FTC) says Americans once again reported record losses of $1.3 billion to romance scams in...
Spain, U.S. dismantle phishing gang that stole $5 million in a year
Spain's National Police and the U.S. Secret Service have dismantled a Madrid-based international cybercrime ring comprised of nine members who...
Pepsi Bottling Ventures suffers data breach after malware attack
Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing...
Ransomware hits Technion university to protest tech layoffs and Israel
A new ransomware group going by the name 'DarkBit' has hit Technion - Israel Institute of Technology, one of Israel's leading...
New ‘MortalKombat’ ransomware targets systems in the U.S.
Hackers conducting a new financially motivated campaign are using a variant of the Xortist commodity ransomware named 'MortalKombat,' together with...
Apple fixes new WebKit zero-day exploited to hack iPhones, Macs
Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and...
Eurostar forces ‘password resets’ — then fails and locks users out
International high-speed rail operator, Eurostar, is emailing its users this week and forcing them to reset their account passwords in a bid to "upgrade"...
Cloudflare blocks record-breaking 71 million RPS DDoS attack
This weekend, Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date. The company said...
451 PyPI packages install Chrome extensions to steal crypto
Over 450 malicious PyPI python packages were found installing malicious browser extensions to hijack cryptocurrency transactions made through browser-based crypto...
Microsoft: Exchange Server 2013 reaches end of support in April
Microsoft has reminded admins that Exchange Server 2013 is reaching its extended end-of-support (EOS) date in 60 days, on April...
