Cryptocurrency executives and other investors with significant wealth from crypto holdings are getting more serious about personal security, according to stories this weekend in both the Wall Street Journal and Bloomberg. While cryptocurrencies have always created unique security risks, it seems there’s a rising threat of violent abduction due to the growing value of Bitcoin,…
Category: Security
Global Security News, Microsoft, Security
New ‘Defendnot’ tool tricks Windows into disabling Microsoft Defender
A new tool called ‘Defendnot’ can disable Microsoft Defender on Windows devices by registering a fake antivirus product, even when no real AV is installed. […]
Cybercrime, Cybersecurity, Global Security News, Securities and Exchange Commission, Security, sim swap, SIM Swapping, Twitter, U.S. Securities and Exchange Commission, X
US man who hacked SEC’s X account to spike Bitcoin price sentenced to prison
The Department of Justice announced Eric Council Jr. was sentenced to 14 months in prison for the hack.
Exploits, Global Security News, Security
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. […]
Global Security News, Security
Printer maker Procolored offered malware-laced drivers for months
For at least half a year, the official software supplied with Procolored printers included malware in the form of a remote access trojan and a cryptocurrency stealer. […]
Exploits, Global Security News, Security
Ransomware gangs increasingly use Skitnet post-exploitation malware
Ransomware gang members increasingly use a new malware called Skitnet (“Bossnet”) to perform stealthy post-exploitation activities on breached networks. […]
CryptoCurrency, Global Security News, Security
US charges 12 more suspects linked to $230 million crypto theft
Twelve more suspects were charged in a RICO conspiracy for their alleged involvement in the theft of over $230 million in cryptocurrency and laundering the funds using crypto exchanges and mixing services. […]
Application Security, Cybersecurity, Featured, GenAI, Global Security News, HashiCorp, IBM NHIs, Non-Human Identities, PAM, red hat, rsa, rsac, RSAC2025, Security, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, zero trust
IBM Reasserts Its Identity: A Modern Security Partner Rooted in Experience
In an industry currently full of noise, new logos and two-letter slides, IBM is proving that real security transformation in the AI revolution takes more than a lofty latte imbued vision. The post IBM Reasserts Its Identity: A Modern Security Partner Rooted in Experience appeared first on Security Boulevard.
Exploits, Global Security News, Security
CISA tags recently patched Chrome bug as actively exploited
On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. […]
Global Security News, Government, Security
Government webmail hacked via XSS bugs in global spy campaign
Hackers are running a worldwide cyberespionage campaign dubbed ‘RoundPress,’ leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations. […]
Global Security News, Government, Security
FBI: US officials targeted in voice deepfake attacks since April
The FBI warned that cybercriminals using AI-generated audio deepfakes to target U.S. officials in voice phishing attacks that started in April. […]
Global Security News, Security
Nova Scotia Power confirms hackers stole customer data in cyberattack
Nova Scotia Power confirms it suffered a data breach after threat actors stole sensitive customer data in a cybersecurity incident discovered last month. […]
Exploits, Global Security News, Security
Windows 11 and Red Hat Linux hacked on first day of Pwn2Own
On the first day of Pwn2Own Berlin 2025, security researchers were awarded $260,000 after successfully demonstrating zero-day exploits for Windows 11, Red Hat Linux, Docker Desktop, and Oracle VirtualBox. […]
Global Security News, Security, Software
New Tor Oniux tool anonymizes any Linux app’s network traffic
Tor has announced Oniux, a new command-line tool for routing any Linux application securely through the Tor network for anonymized network connections. […]
Global Security News, Security
Malicious npm package using steganography downloaded by hundreds
A malicious package in the Node Package Manager index uses invisible Unicode characters to hide malicious code and Google Calendar links to host the URL for the command-and-control location. […]
Global Security News, Security
Malicious NPM package uses Unicode steganography to evade detection
A malicious package in the Node Package Manager index uses invisible Unicode characters to hide malicious code and Google Calendar links to host the URL for the command-and-control location. […]
CryptoCurrency, Global Security News, Security
Coinbase data breach exposes customer info and government IDs
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information. […]
Global Security News, Security
Market-Inspired GPU Allocation in AI Workloads: A Cybersecurity Use Case
Learn how a self-adaptive GPU allocation framework that dynamically manages the computational needs of AI workloads of different assets/systems.
Global Security News, Security
Market-Inspired GPU Allocation in AI Workloads: A Cybersecurity Use Case
Learn how a self-adaptive GPU allocation framework that dynamically manages the computational needs of AI workloads of different assets/systems.
Coinbase, cyberattack, Cybersecurity, data breach, Global Security News, Security
Coinbase says customers’ personal information stolen in data breach
The crypto exchange giant said the hacker bribed contractors and employees in support roles to steal data.
Exploits, Global Security News, Google, Security
Google fixes high severity Chrome flaw with public exploit
Google has released emergency security updates to patch a high-severity Chrome vulnerability that has a public exploit and can let attackers hijack accounts. […]
Global Security News, Google, Security
Google Chrome to block admin-level browser launches for better security
Google is rolling out a change to Chromium that “de-elevates” Google Chrome so it does not run as an administrator to increase security in Windows. […]
Global Security News, North America, Security
Hackers behind UK retail attacks now targeting US companies
Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. […]
Cybersecurity, data breach, Global Security News, Government & Policy, Security, Trump Administration
White House scraps plan to block data brokers from selling Americans’ sensitive data
The decision to reverse course comes after an industry lobby group called for the rule change to be withdrawn.
Exploits, Global Security News, Security
Ransomware gangs join ongoing SAP NetWeaver attacks
Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat actors to gain remote code execution on vulnerable servers. […]
Global Security News, Security
Australian Human Rights Commission leaks docs to search engines
The Australian Human Rights Commission (AHRC) disclosed a data breach incident where private documents leaked online and were indexed by major search engines. […]
Global Security News, Security
Steel giant Nucor Corporation facing disruptions after cyberattack
A cybersecurity incident on Nucor Corporation’s systems forced the company to take offline parts of its networks and implement containment measures. […]
Global Security News, Security
Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation
New phishing tactics are abusing trusted domains, real CAPTCHAs, and server-side email validation to selectively target victims with customized fake login pages. Keep Aware’s latest research breaks down the full attack chain and how these zero-day phish operate. […]
Global Security News, Security
Fashion giant Dior discloses cyberattack, warns of data breach
House of Dior, the French luxury fashion brand commonly referred to as Dior, has disclosed a cybersecurity incident that has exposed customer information. […]
Global Security News, North America, Security
Kosovo extradites BlackDB admin to face US cybercrime charges
A Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. […]
Cisco Multicloud Defense, Global Security News, Security
Simplify and Scale Security With Cisco Hybrid Mesh Firewall
Modern enterprises face challenges balancing security with the operational needs. Cisco solves this with Cisco Hybrid Mesh Firewall.
Cisco Multicloud Defense, Global Security News, Security
Simplify and Scale Security With Cisco Hybrid Mesh Firewall
Modern enterprises face challenges balancing security with the operational needs. Cisco solves this with Cisco Hybrid Mesh Firewall.
AI, ai safety, Global Security News, Grok, Security, xAI
xAI’s promised safety report is MIA
Elon Musk’s AI company, xAI, has missed a self-imposed deadline to publish a finalized AI safety framework, as noted by watchdog group The Midas Project. xAI isn’t exactly known for its strong commitments to AI safety as it’s commonly understood. A recent report found that the company’s AI chatbot, Grok, would undress photos of women when…
Exploits, Global Security News, Security
SAP patches second zero-day flaw exploited in recent attacks
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. […]
Global Security News, Security
North Korea ramps up cyberspying in Ukraine to assess war risk
The state-backed North Korean threat group Konni (Opal Sleet, TA406) was observed targeting Ukrainian government entities in intelligence collection operations. […]
Global Security News, Meta, NSO, NSO Group, Security, Spyware, surveillance, WhatsApp, zero days
Seven things we learned from WhatsApp vs. NSO Group spyware lawsuit
The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here.
Global Security News, Security
Twilio denies breach following leak of alleged Steam 2FA codes
Twilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes. […]
Global Security News, Security
Ivanti fixes EPMM zero-days chained in code execution attacks
Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. […]
Global Security News, Google, Mobile, Security
Android 16 expands ‘Advanced Protection’ with device-level security
Google is announcing improvements for the Advanced Protection feature in Android 16 that strengthen defenses against sophisticated spyware attacks. […]
Android, Apps, Global Security News, Google, Security
Google is adding new device-level features for its Advanded Protection program
At the Android Show, ahead of Google I/O 2025, Google announced that it is adding new device-specific features to its Advanced Protection program, which is designed to protect public figures such as politicians or journalists from different digital threats, with the Android 16 release. The new features include a new way of storing device logs…
Android, Apps, Global Security News, Google, Scam, Security
Google announces new security features for Android for protection against scam and theft
At the Android Show on Tuesday, ahead of Google I/O, Google announced new security and privacy features for Android. These new features include new protections for calls, screen sharing, messages, device access, and system-level permissions. With these features, Google aims to protect users from falling for a scam, keep their details secure in case a…
Exploits, Global Security News, Security
Fortinet fixes critical zero-day exploited in FortiVoice attacks
Fortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. […]
Global Security News, Security
Ivanti warns of critical Neurons for ITSM auth bypass flaw
Ivanti has released security updates for its Neurons for ITSM IT service management solution that mitigate a critical authentication bypass vulnerability. […]
Cybersecurity, email scams, Exclusive, Global Security News, Government, Government & Policy, Security
Government email alert system GovDelivery used to send scam messages
The state of Indiana attributed the scam emails to a compromised contractor’s account.
Global Security News, Security
New Intel CPU flaws leak sensitive data from privileged memory
A new “Branch Privilege Injection” flaw in all modern Intel CPUs allows attackers to leak sensitive data from memory regions allocated to privileged software like the operating system kernel. […]
Global Security News, Microsoft, Security
Microsoft will update Office apps on Windows 10 until 2028
Microsoft has backtracked on its plan to end support for Office apps on Windows 10 later this year and announced that it will continue providing security updates for three more years, until 2028. […]
Global Security News, Security
Increase Red Team Operations 10X with Adversarial Exposure Validation
Red teams uncover what others miss — but they can’t be everywhere, all the time. Adversarial Exposure Validation combines BAS + Automated Pentesting to extend red team impact, uncover real attack paths, and validate defenses continuously. Learn more from Picus Security on how AEV can help protect your network. […]
Global Security News, Security
M&S says customer data stolen in cyberattack, forces password resets
Marks and Spencer (M&S) confirms that customer data was stolen in a cyberattack last month, when ransomware was used to encrypt servers. […]
Cybersecurity, data breach, Global Security News, retail, Security
Marks & Spencer confirms customers’ personal data was stolen in hack
A ransomware gang reportedly took credit for the data breach.
Emerging Tech, Global Security News, Security
CISA’s alert pivot reflects a new era of decentralized cyber threat communication
In a move that may redefine how the US government communicates cyber threats to the public and enterprises, the Cybersecurity and Infrastructure Security Agency (CISA) has announced a significant shift in its alert dissemination strategy. Going forward, only high-priority alerts—those tied to emerging threats or major cyber activity—will be posted on the agency’s Cybersecurity Alerts…
Global Security News, Security
ASUS DriverHub flaw let malicious sites run commands with admin rights
The ASUS DriverHub driver management utility was vulnerable to a critical remote code execution flaw that allowed malicious sites to execute commands on devices with the software installed. […]
Global Security News, linux, Security
Hackers now testing ClickFix attacks against Linux targets
A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible. […]
Exploits, Global Security News, Security
Output Messenger flaw exploited as zero-day in espionage attacks
A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. […]
Global Security News, Security
Moldova arrests suspect linked to DoppelPaymer ransomware attacks
Moldovan authorities have detained a 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021. […]
Global Security News, Security
Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals
99% of enterprise users have browser extensions but over half carry high-risk permissions. LayerX’s 2025 report reveals how everyday extensions expose sensitive data, and what security teams must do now. […]
Emerging Tech, Global Security News, Security
RSA Conference 2025 — News and analysis
RSA Conference 2025, focused on addressing evolving threats. Naturally, a major theme was the role of artificial intelligence (AI) and its potential to enhance security defenses through AI-driven security agents and threat detection. The other side of the coin is the risk AI poses by bad actors leveraging AI for sophisticated attacks, including AI-enhanced phishing…
AI, crowdstrike, Cybersecurity, Featured, Global Security News, NG-SIEM, rsac, RSAC2025, Security, Security Boulevard (Original), SOC, Social - Facebook, Social - LinkedIn, Social - X, Spotlight, zero trust
Security Gamechangers: CrowdStrike’s AI-Native SOC & Next Gen SIEM Take Center Stage at RSAC 2025
CrowdStrike introduced several enhancements to its Falcon cybersecurity platform and Falcon Next-Gen SIEM at the RSA Conference 2025, highlighting artificial intelligence, managed threat hunting and operational efficiencies aimed at transforming modern Security Operations Centers (SOC). The post Security Gamechangers: CrowdStrike’s AI-Native SOC & Next Gen SIEM Take Center Stage at RSAC 2025 appeared first on…
cyber security, cyber threat, Cybersecurity, Data Privacy, Data Security, Digital Privacy, Episodes, Facebook, Global Security News, Information Security, infosec, internet security, online safety, Podcast, Podcasts, privacy, privacy laws, SBN News, Security, Security Bloggers Network, Social Media Awareness, Social Media Risks, Social Media Security, Tech Podcast, Technology, Weekly Edition, XSS
Facebook Flaws and Privacy Laws: A Journey into Early Social Media Security from 2009
Join hosts Tom Eston, Scott Wright, and Kevin Johnson in a special best-of episode of the Shared Security Podcast. Travel back to 2009 with the second-ever episode featuring discussions on early Facebook bugs, cross-site scripting vulnerabilities, and a pivotal Canadian privacy ruling involving Facebook. Gain insights into social media security from the past and see…
Global Security News, Security
Bluetooth 6.1 enhances privacy with randomized RPA timing
The Bluetooth Special Interest Group (SIG) has announced Bluetooth Core Specification 6.1, bringing important improvements to the popular wireless communication protocol. […]
Global Security News, Security
iClicker hack targeted students with malware via fake CAPTCHA
The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and instructors into installing malware on their devices. […]
Artificial Intelligence, Global Security News, Security
Fake AI video generators drop new Noodlophile infostealer malware
Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called ‘Noodlophile,’ under the guise of generated media content. […]
Global Security News, Meta, NSO, NSO Group, Security, Spyware, surveillance, WhatsApp, zero days
Five things we learned from WhatsApp vs. NSO Group spyware lawsuit
The landmark trial between WhatsApp and NSO Group unearthed several new revelations. We recap some of them here.
Global Security News, Healthcare, North America, Security
Ascension says recent data breach affects over 430,000 patients
Ascension, one of the largest private healthcare systems in the United States, has revealed that a data breach disclosed last month affects the personal and healthcare information of over 430,000 patients. […]
Artificial Intelligence, Global Security News, Google, Security
Google Chrome to use on-device AI to detect tech support scams
Google is implementing a new Chrome security feature that uses the built-in ‘Gemini Nano’ large-language model (LLM) to detect and block tech support scams while browsing the web. […]
Global Security News, Security
Police dismantles botnet selling hacked routers as residential proxies
Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. […]
Botnet, Cybercrime, Cybersecurity, Department of Justice, Global Security News, Hackers, hacking, malware, Security
FBI and Dutch police seize and shut down botnet of hacked routers
U.S. authorities indicted three Russians and one Kazakhstan national for hacking and selling access to a botnet made of vulnerable internet-connected devices.
Global Security News, Security
Chinese hackers behind attacks targeting SAP NetWeaver servers
Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting SAP NetWeaver instances to a Chinese threat actor. […]
CryptoCurrency, Global Security News, Security
Germany takes down eXch cryptocurrency exchange, seizes servers
The Federal police in Germany (BKA) seized the server infrastructure and shut down the ‘eXch’ cryptocurrency exchange platform for alleged money laundering cybercrime proceeds. […]
Cybersecurity, encryption, Global Security News, Security, social media
Florida bill requiring encryption backdoors for social media accounts has failed
The bill would have required social media companies create encryption backdoors to allow access to users’ private information.
Global Security News, Hardware, Security
FBI: End-of-life routers hacked for cybercrime proxy networks
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. […]
Cybersecurity, data breach, Global Security News, privacy, Security, South Korea
A timeline of South Korean telco giant SKT’s data breach
In April, South Korea’s telco giant SK Telecom (SKT) was hit by a cyberattack that led to the theft of personal data on approximately 23 million customers, equivalent to almost half of the country’s 52 million residents. At a National Assembly hearing in Seoul on Thursday, SKT chief executive Young-sang Ryu said about 250,000 users…
Global Security News, Security
Cisco fixes max severity IOS XE flaw letting attackers hijack devices
Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. […]
education, Global Security News, Security
Education giant Pearson hit by cyberattack exposing customer data
Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. […]
Global Security News, Security
Supply chain attack hits npm package with 45,000 weekly downloads
An npm package named ‘rand-user-agent’ has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user’s system. […]
Global Security News, Security
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. […]
Cybersecurity, education software, Global Security News, powerschool, Security
PowerSchool paid a hacker’s ransom, but now schools say they are being extorted
Schools in Toronto and North Carolina are reporting extortion attempts.
Global Security News, Security
Kickidler employee monitoring software abused in ransomware attacks
Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims’ activity, and harvesting credentials after breaching their networks. […]
Global Security News, Security
VC giant Insight Partners confirms investor data stolen in breach
Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. […]
Global Security News, Security
VC giant Insight Partners confirms investor data stolen in breach
Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. […]
Global Security News, Security
VC giant Insight Partners confirms investor data stolen in breach
Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. […]
Global Security News, Security
Google links new LostKeys data theft malware to Russian cyberspies
Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. […]
Artificial Intelligence (AI), Exploits, Global Security News, Security
AI Agent for Color Red
AI can automate the analysis, generation, testing, and reporting of exploits. It’s particularly relevant in penetration testing and ethical hacking scenarios.
Artificial Intelligence (AI), Exploits, Global Security News, Security
AI Agent for Color Red
AI can automate the analysis, generation, testing, and reporting of exploits. It’s particularly relevant in penetration testing and ethical hacking scenarios.
Cybersecurity, data breach, Global Security News, Insight Partners, Security, Venture
VC firm Insight Partners confirms personal data stolen during January hack
The venture capital firm has over $90 billion in assets under management, including cybersecurity giants.
Exploits, Global Security News, Security
SonicWall urges admins to patch VPN flaw exploited in attacks
SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks […]
Cybersecurity, DDoS, Featured, Global Security News, Security, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threats & Breaches, vulnerabilities
It’s a Mad, Mad World for DDoS; BGP Continues to Confound Security Teams
As the world roils in turmoil on numerous fronts, bad actors are seizing the moment by stepping up DDoS activity. The post It’s a Mad, Mad World for DDoS; BGP Continues to Confound Security Teams appeared first on Security Boulevard.
Global Security News, Security
LockBit ransomware gang hacked, victim negotiations exposed
The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. […]
Authentication, Featured, FIDO, Global Security News, Identity & Access, passwords, Security, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Techstrong Council
Breaking the Password Barrier: FIDO’s Path to Seamless Security
As the digital world rapidly expands, the need for secure, seamless authentication becomes more urgent. At the forefront of this evolution is FIDO (Fast Identity Online), promoting password-less authentication that combines convenience with strong security. But FIDO’s long-term success depends not only on its security capabilities but also on achieving true interoperability across platforms and..…
Global Security News, graph theory cybersecurity, graph-based anomaly detection, IPFIX graph analytics, lateral movement detection, machine learning network monitoring, ML-driven network insights, network anomaly detection, network behavior analysis, network data relationships, network performance optimization, network topology modeling, Real Time Threat Detection, relational anomaly detection, Security, Security Bloggers Network
Tech Talk- AI Engine: A look at Transformative AI for Deep Insight into Anomalous Traffic
Graph-based anomaly detection transforms how network operators uncover threats and service issues by providing a deeper, relationship-driven understanding of all network activity traversing the eco-system. Unlike traditional methods that analyze isolated data points or rely on predefined rules, a graph-based approach leverages AI, ML, and graph theory to map and analyze the intricate relationships between…
Global Security News, Security
PowerSchool hacker now extorting individual school districts
PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid. […]
Global Security News, Security
CoGUI phishing platform sent 580 million emails to steal credentials
A new phishing kit named ‘CoGUI’ sent over 580 million emails to targets between January and April 2025, aiming to steal account credentials and payment data. […]
Exploits, Global Security News, Security
Hackers exploit OttoKit WordPress plugin flaw to add admin accounts
Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. […]
Exploits, Global Security News, Microsoft, Security
Play ransomware exploited Windows logging flaw in zero-day attacks
The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. […]
Global Security News, Security
Doubling down: How Universal 2nd Factor (U2F) boosts online security
Passwords alone aren’t cutting it—31% of breaches involve stolen credentials. Learn from Specops Software about how Universal 2nd Factor (U2F) and strong password policies can work together to keep your organization secure. […]
Global Security News, Healthcare, Security
Medical device maker Masimo warns of cyberattack, manufacturing delays
Medical device company Masimo Corporation warns that a cyberattack is impacting production operations and causing delays in fulfilling customers’ orders. […]
Global Security News, Security
CISA warns of hackers targeting critical oil infrastructure
CISA warned critical infrastructure organizations of “unsophisticated” threat actors actively targeting the U.S. oil and natural gas sectors. […]
Global Security News, Security
Police takes down six DDoS-for-hire services, arrests admins
Polish authorities have detained four suspects linked to six DDoS-for-hire platforms, believed to have facilitated thousands of attacks targeting schools, government services, businesses, and gaming platforms worldwide since 2022. […]
Exploits, Global Security News, Security
Apache Parquet exploit tool detect servers vulnerable to critical flaw
A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. […]
Exploits, Global Security News, Security
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. […]
Global Security News, Security
UK Legal Aid Agency investigates cybersecurity incident
The Legal Aid Agency (LAA), an executive agency of the UK’s Ministry of Justice that oversees billions in legal funding, warned law firms of a security incident and said the attackers might have accessed financial information. […]