Mend.io SAML Vulnerability Exposed
WithSecure has unveiled a new security vulnerability in Mend.io’s application security platform today, raising concerns about data privacy and potential...
cybersecurity
German financial agency site disrupted by DDoS attack since Friday
The German Federal Financial Supervisory Authority (BaFin) announced today that an ongoing distributed denial-of-service (DDoS) attack has been impacting its...
Insurer fined $3M for exposing data of 650k clients for two years
The Swedish Authority for Privacy Protection (IMY) has fined insurer Trygg-Hansa $3 million for exposing on its online portal sensitive data belonging...
Okta: Hackers target IT help desks to gain Super Admin, disable MFA
Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt...
Hackers exploit MinIO storage system to breach corporate networks
Image: Midjourney Hackers are exploiting two recent MinIO vulnerabilities to breach object storage systems and access private information, execute arbitrary...
Freecycle confirms massive data breach impacting 7 million users
Freecycle, an online forum dedicated to exchanging used items rather than trashing them, confirmed a massive data breach that affected...
Sensitive Data about UK Military Sites Potentially Leaked by LockBit
Gigabytes of sensitive data related to British military and intelligence sites have been exposed by the infamous LockBit ransomware group.Zaun,...
Python Package Index Targeted Again By VMConnect
Cybersecurity experts at ReversingLabs have unveiled a concerning continuation of the infamous VMConnect campaign. This ongoing assault, initially discovered in early...
Medical Data Breach: Ayush Jharkhand Hacked
The threat actor known as Tanaka recently has been observed sharing a post titled “bitsphere.in” on an English-speaking hacking forum, shedding...
University of Sydney data breach impacts recent applicants
The University of Sydney (USYD) announced that a breach at a third-party service provider exposed personal information of recently applied...
Children’s snack recalled after its website caught serving porn
Supermarket chain Lidl has been recalling four types of PAW Patrol-themed snacks across the UK. Except, the reason for the...
Chrome extensions can steal plaintext passwords from websites
A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can...
Fake YouPorn extortion scam threatens to leak your sex tape
A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning...
Classiscam fraud-as-a-service expands, now targets banks and 251 brands
Image: Midjourney The "Classiscam" scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more...
LogicMonitor customers hacked in reported ransomware attacks
Network monitoring company LogicMonitor confirmed today that some users of its SaaS platform have fallen victim to cyberattacks. The company...
GRU hackers attack Ukrainian military with new Android malware
Image: Midjourney Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation,...
Free Key Group ransomware decryptor helps victims recover data
Researchers took advantage of a weakness in the encryption scheme of Key Group ransomware and developed a decryption tool that...
Exploit released for critical VMware SSH auth bypass vulnerability
Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis...
Forever 21 data breach: hackers accessed info of 500,000
Forever 21 clothing and accessories retailer is sending data breach notifications to more than half a million individuals who had...
Lazarus hackers deploy fake VMware PyPI packages in VMConnect attacks
North Korean state-sponsored hackers have uploaded malicious packages to the PyPI (Python Package Index) repository, camouflaging one of them as...
Golf gear giant Callaway data breach exposes info of 1.1 million
Topgolf Callaway (Callaway) suffered a data breach at the start of August, which exposed the sensitive personal and account data...
Sourcegraph website breached using leaked admin access token
AI-powered coding platform Sourcegraph revealed that its website was breached this week using a site-admin access token accidentally leaked online...
Open-Source Malware SapphireStealer Expands
SapphireStealer, an open-source information stealer, has emerged as a growing threat since its public debut last year. This malware is...
Smishing Triad: China-Based Fraud Network Exposed
A Chinese-speaking cyber-criminal group named “Smishing Triad” has been observed conducting a large-scale smishing campaign targeting US citizens.This campaign has skillfully...
