Windows admins warned to patch critical MSMQ QueueJumper bug
Security researchers and experts warn of a critical vulnerability in the Windows Message Queuing (MSMQ) middleware service patched by Microsoft...
cybersecurity
Hyundai data breach exposes owner details in France and Italy
Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning...
Microsoft shares guidance to detect BlackLotus UEFI bootkit attacks
Microsoft has shared guidance to help organizations check if hackers targeted or compromised machines with the BlackLotus UEFI bootkit by...
Cybercriminals charge $5K to add Android malware to Google Play
Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000,...
3CX confirms North Korean hackers behind supply chain attack
VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack. "Based...
Kodi discloses data breach after forum database for sale online
The Kodi Foundation has disclosed a data breach after hackers stole the organization's MyBB forum database containing user data and...
SAP releases security updates for two critical-severity flaws
Enterprise software vendor SAP has released its April 2023 security updates for several of its products, which includes fixes for...
OpenAI launches bug bounty program with rewards up to $20K
AI research company OpenAI announced today the launch of a new bug bounty program to allow registered security researchers to...
Hacked sites caught spreading malware via fake Chrome updates
Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware...
Windows zero-day vulnerability exploited in ransomware attacks
Microsoft has patched a zero-day vulnerability in the Windows Common Log File System (CLFS), actively exploited by cybercriminals to escalate...
iPhones hacked via invisible calendar invites to drop QuaDream spyware
Microsoft and Citizen Lab discovered commercial spyware made by an Israel-based company QuaDream used to compromise the iPhones of high-risk...
SD Worx shuts down UK payroll, HR services after cyberattack
Belgian HR and payroll giant SD Worx has suffered a cyberattack causing them to shut down all IT systems for...
CISA orders govt agencies to update iPhones, Macs by May 1st
The Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch two security vulnerabilities actively exploited in the wild...
KFC, Pizza Hut owner discloses data breach after ransomware attack
Yum! Brands, the brand owner of the KFC, Pizza Hut, and Taco Bell fast food chains, is now sending data...
All Dutch govt networks to use RPKI to prevent BGP hijacking
The Dutch government will upgrade the security of its internet routing by adopting before the end of 2024 the Resource...
Breached shutdown sparks migration to ARES data leak forums
A threat group called ARES is gaining notoriety on the cybercrime scene by selling and leaking databases stolen from corporations and...
CISA orders agencies to patch Backup Exec bugs used by ransomware gang
On Friday, U.S. Cybersecurity and Infrastructure Security Agency (CISA) increased by five its list of security issues that threat actors...
FBI warns of companies exploiting sextortion victims for profit
For-profit companies reportedly linked to sextortion activity are targeting victims using various deceptive tactics to pressure them into paying for...
Exploit available for critical bug in VM2 JavaScript sandbox library
Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that...
Massive Balada Injector campaign attacking WordPress sites since 2017
An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits "all known and recently discovered...
MSI confirms security breach following ransomware attack claims
Following reports of a ransomware attack, Taiwanese PC vendor MSI (short for Micro-Star International) confirmed today that its network was...
Telegram now the go-to place for selling phishing tools and services
Telegram has become the working ground for the creators of phishing bots and kits looking to market their products to...
Medusa ransomware claims attack on Open University of Cyprus
The Medusa ransomware gang has claimed a cyberattack on the Open University of Cyprus (OUC), which caused severe disruptions of...
Hackers use Rilide browser extension to bypass 2FA, steal crypto
Security researchers discovered a new malicious browser extension called Rilide, that targets Chromium-based products like Google Chrome, Brave, Opera, and...
