A third-party UK visa site exposed passports and selfies on a public AWS server. It’s not official GOV.UK and affected at least 100,000 documents. UK Visa Portal is not run by the British government. It’s a third-party service, apparently operated by a UAE-registered company called Active Leadgen LLC, that charges fees to help people apply…
Tag: site
AI, Global Security News
ShinyHunters extorts Charter Communications after data breach
The incident came to light after Charter was listed on ShinyHunters’ data leak site, where the group claimed to have stolen 40 million records.
AI, Global Security News, malware
FBI director Kash Patel’s brand website taken offline after malware reports
FBI director site went offline after a hack used a fake Cloudflare page to trick users into running a ClickFix attack that installed malware. The merchandise website of FBI director Kash Patel (basedapparel[.]com) was taken offline on Friday after reports that it had been compromised by hackers using it to spread malware. The malware was…
AI, Exploits, Global Security News, Government & Policy, Risk Management
Drupal is rolling out an emergency security update on May 20. You cannot miss it
Drupal Is Pushing an Emergency Security Update Tomorrow. If You Run a Drupal Site, This Is Not One to Miss. Something significant is coming out of the Drupal project tomorrow, and the way the announcement is worded should be enough to get any site administrator’s attention. The Drupal Security Team has confirmed it will release…
Global Security News
Fake Claude AI Site Drops Beagle Backdoor on Windows Users
Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading
AI, Global Security News
Donuts and Beagles: Fake Claude site spreads backdoor
A malicious imitation of Anthropic’s Claude site leads to DLL sideloading – and a backdoor Categories: Threat Research Tags: Claude, Beagle, Backdoor, malvertising, AI, DONUT, DLL sideloading, Sophos X-Ops
AI, Global Security News
North Korean APT Targets Yanbian Gamers via Trojanized Platform
ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply‑chain attack, trojanizing Windows and Android software to spy on users
Compliance, Cybersecurity, Global Security News
Construction Safety Compliance Software: Keep Your Site Safe and Audit‑Ready Every Day
Discover how Construction Safety Compliance Software: Keep Your Site Safe and Audit‑Ready Every Day can enhance safety and streamline your site’s compliance. Key Highlights Embrace construction safety software to streamline your site safety and compliance management. In Australia, some of the most popular construction safety compliance software solutions include HammerTech, SiteDocs, and Procore, which are…
AI, Apps, Data Breaches, Global Security News, malware, Network Security
Qilin Ransomware allegedly breached chemical manufacturer giant Dow Inc
Qilin ransomware claims a breach of Dow Inc., listing it on its Tor leak site, but no proof of the hack has been released yet. Qilin Ransomware group allegedly breached the chemical manufacturing giant Dow Inc. The cybercrime group added the company to its Tor data leak site, but at this time, it has not…
AI, Apps, Global Security News
Komodor Launches Partner Program for AI-Driven SRE Services
Komodor, an autonomous AI site reliability engineering (SRE) platform provider for cloud-native infrastructure, has launched a new global partner program aimed at systems integrators, trusted advisors, and value-added resellers supporting enterprise Kubernetes environments. Announced on March 10, the Komodor Partner Program is designed to help partners deliver AI-driven cloud-native infrastructure reliability, incident management, and cost…
AI, Global Security News
Twitter suspended 800 million accounts last year – so why does manipulation remain so rampant?
Elon Musk’s social media site says it suspended 800 million accounts in a year for spam and manipulation – but with state-backed campaigns still flooding the platform, the real question is how many fake accounts remain. Read more in my article on the Hot for Security blog.
Global Security News
Fake CleanMyMac Site Uses ClickFix Trick to Install SHub Stealer on macOS
Researchers warn of a fake CleanMyMac site using a ClickFix attack to install SHub Stealer on macOS and steal passwords and crypto wallets.
Cybersecurity, Global Security News, Risk Management
New cyber module strengthens risk planning for health organizations
The Administration for Strategic Preparedness and Response’s (ASPR) new cybersecurity module in the Risk Identification and Site Criticality (RISC) 2.0 Toolkit helps organizations identify critical gaps, prioritize investments, and make informed decisions about risk mitigation to reduce disruptions to patient care and strengthen resilience. Healthcare leaders identified cloud-related threats, quantum computing risks, and attacks on…
AI, Global Security News, Government & Policy, Risk Management
Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site
Ukrainian citizen Yurii Nazarenko admitted running OnlyFake, an AI-driven site that sold over 10,000 fake IDs worldwide. Ukrainian man Yurii Nazarenko pleaded guilty to operating OnlyFake, an AI-powered site that generated and sold more than 10,000 counterfeit IDs globally. “United States Attorney for the Southern District of New York, Jay Clayton, and Assistant Director in Charge…
AI, Global Security News
Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto
A convincing presale site for phony “Google Coin” features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers.
AI, Global Security News, Risk Management
WordPress AI Assistant Puts Prompt Editing on the Menu for 40% of the Web
WordPress just turned “site editing” into a conversation. When the platform under a huge slice of the web changes its workflow, everyone feels the tremor. WordPress is used by 42.6% of all websites, according to W3Techs. So even if only a fraction of those site owners adopt prompt-based editing, it’s still a meaningful shift in…
Global Security News
Naming and shaming: How ransomware groups tighten the screws on victims
When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle