Ransomware hits Technion university to protest tech layoffs and Israel
A new ransomware group going by the name 'DarkBit' has hit Technion - Israel Institute of Technology, one of Israel's leading...
cybersecurity
Eurostar forces ‘password resets’ — then fails and locks users out
International high-speed rail operator, Eurostar, is emailing its users this week and forcing them to reset their account passwords in a bid to "upgrade"...
Cloudflare blocks record-breaking 71 million RPS DDoS attack
This weekend, Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date. The company said...
451 PyPI packages install Chrome extensions to steal crypto
Over 450 malicious PyPI python packages were found installing malicious browser extensions to hijack cryptocurrency transactions made through browser-based crypto...
New ‘MortalKombat’ ransomware targets systems in the U.S.
Hackers conducting a new financially motivated campaign are using a variant of the Xortist commodity ransomware named 'MortalKombat,' together with...
Apple fixes new WebKit zero-day exploited to hack iPhones, Macs
Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and...
NPM packages posing as speed testers install crypto miners instead
A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers...
RedEyes hackers use new malware to steal data from Windows, phones
The APT37 threat group uses a new evasive 'M2RAT' malware and steganography to target individuals for intelligence collection. APT37, also...
Healthcare giant CHS reports first data breach in GoAnywhere hacks
Community Health Systems (CHS) says it was impacted by a recent wave of attacks targeting a zero-day vulnerability in Fortra’s...
New stealthy ‘Beep’ malware focuses heavily on evading detection
A new stealthy malware named 'Beep' was discovered last week, featuring many features to evade analysis and detection by security...
Microsoft: Exchange Server 2013 reaches end of support in April
Microsoft has reminded admins that Exchange Server 2013 is reaching its extended end-of-support (EOS) date in 60 days, on April...
U.S. sues Google for abusing dominance over online ad market
The U.S. Justice Department has filed a federal lawsuit today against Google for abusing its dominant position in the online...
Riot Games receives ransom demand from hackers, refuses to pay
Riot Games says it will not pay a $10 million ransom demanded by attackers who stole League of Legends source code...
Ransomware access brokers use Google ads to breach your network
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords,...
FBI: North Korean hackers stole $100 million in Harmony crypto hack
The FBI has confirmed that the North Korean state-sponsored 'Lazarus' and APT38 hacking groups were behind the theft of $100...
Russia’s largest ISP says 2022 broke all DDoS attack records
Russia's largest internet service provider Rostelecom says 2022 was a record year for Distributed denial of service attacks (DDoS) targeting...
75k WordPress sites impacted by critical online course plugin flaws
The WordPress online course plugin 'LearnPress' was vulnerable to multiple critical-severity flaws, including pre-auth SQL injection and local file inclusion....
VMware fixes critical security bugs in vRealize log analysis tool
VMware released security patches on Tuesday to address vRealize Log Insight vulnerabilities that could enable attackers to gain remote execution...
Microsoft shares workaround for unresponsive Windows Start Menu
Microsoft has confirmed an issue causing the Windows Start menu to become unresponsive and some applications to no longer launch....
Hackers use Golang source code interpreter to evade detection
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage...
GoTo says hackers stole customers’ backups and encryption key
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups...
FanDuels warns of data breach after customer info stolen in vendor hack
The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security...
Google Ads invites being abused to push spam, adult sites
Google Ads invites are being abused to deliver email messages promoting spam and sex websites to users who are otherwise...
Massive ad-fraud op dismantled after hitting millions of iOS devices
A massive ad fraud operation dubbed 'Vastflux' that spoofed more than 1,700 applications from 120 publishers, mostly for iOS, has been...
