Sitemap - Cyber Transaction Payment Gateway

Posts

News

Top 10 Best Practices for Effective Data Protection - 16 May 2025
Breachforums Boss “Pompompurin” to Pay $700k in Healthcare Breach - 16 May 2025
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks - 16 May 2025
Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks - 16 May 2025
[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications - 16 May 2025
Additional 12 Defendants Charged in RICO Conspiracy for over $263 Million Cryptocurrency Thefts, Money Laundering, Home Break-Ins - 15 May 2025
HHS Office for Civil Rights Settles HIPAA Cybersecurity Investigation with Vision Upright MRI - 15 May 2025
RIBridges firewall worked. But forensic report says hundreds of alarms went unnoticed by Deloitte. - 15 May 2025
Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit - 15 May 2025
Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 2) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 1) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 3) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 5) - 15 May 2025
Beyond the kill chain: What cybercriminals do with their money (Part 4) - 15 May 2025
Sophos MDR: New analyst response actions for Microsoft 365 - 15 May 2025
Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom - 15 May 2025
Chinese Hackers Hit Drone Sector in Supply Chain Attacks - 15 May 2025
Pen Testing for Compliance Only? It’s Time to Change Your Approach - 15 May 2025
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper - 15 May 2025
5 BCDR Essentials for Effective Ransomware Defense - 15 May 2025
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers - 15 May 2025
Official Indiana .gov email addresses are phishing residents - 15 May 2025
Cybersecurity incident at Central Point School District 6 - 15 May 2025
$28 million in Texas’ cybersecurity funding for schools left unspent - 15 May 2025
New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy - 15 May 2025
Turkish Group Hacks Zero-Day Flaw to Spy on Kurdish Forces - 14 May 2025
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan - 14 May 2025
Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit - 14 May 2025
Sophos Firewall v21.5: DNS protection - 14 May 2025
Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering - 14 May 2025
Cyberattacks on Long Island Schools Highlight Growing Threat - 14 May 2025
Microsoft primes 71 fixes for May Patch Tuesday - 14 May 2025
Administrator Of Online Criminal Marketplace Extradited From Kosovo To The United States - 14 May 2025
Dior faces scrutiny, fine in Korea for insufficient data breach reporting; data of wealthy clients in China, South Korea stolen - 14 May 2025
CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users - 14 May 2025
Personal information exposed by Australian Human Rights Commission data breach - 14 May 2025
Twilio denies breach following leak of alleged Steam 2FA codes - 14 May 2025
Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team - 14 May 2025
Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails - 14 May 2025
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns - 14 May 2025
Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server - 14 May 2025
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks - 14 May 2025
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems - 14 May 2025
Nineteen Sophos Women Recognized by CRN’s Women of the Channel - 13 May 2025
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide - 13 May 2025
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads - 13 May 2025
International cybercrime tackled: Amsterdam police and FBI dismantle proxy service Anyproxy - 13 May 2025
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress - 13 May 2025
Deepfake Defense in the Age of AI - 13 May 2025
N.W.T.’s medical record system under the microscope after 2 reported cases of snooping - 13 May 2025
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency - 13 May 2025
Introducing the Sophos MSP Elevate program - 13 May 2025
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency - 13 May 2025
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers - 13 May 2025
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files - 12 May 2025
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams - 12 May 2025
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That - 12 May 2025
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures - 12 May 2025
Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors - 11 May 2025
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data - 10 May 2025
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection - 10 May 2025
OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities - 9 May 2025
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation - 9 May 2025
Masimo Manufacturing Facilities Hit by Cyberattack - 9 May 2025
Star Health hacker claims sending bullets, threats to top executives: Reports - 9 May 2025
Education giant Pearson hit by cyberattack exposing customer data - 9 May 2025
Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business - 9 May 2025
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials - 9 May 2025
Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials - 9 May 2025
Beyond Vulnerability Management – Can You CVE What I CVE? - 9 May 2025
Lumma Stealer, coming and going - 9 May 2025
Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android - 9 May 2025
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell - 9 May 2025
Putting the dampener on tamperers - 8 May 2025
38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases - 8 May 2025
NICKEL TAPESTRY expands fraudulent worker operations - 8 May 2025
SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root - 8 May 2025
Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware - 8 May 2025
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware - 8 May 2025
Security Tools Alone Don’t Protect You — Control Effectiveness Does - 8 May 2025
Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported - 8 May 2025
UK: Legal Aid Agency hit by cyber security incident - 8 May 2025
60K BTC Wallets Tied to LockBit Ransomware Gang Leaked - 8 May 2025
Georgia hospital defeats data-tracking lawsuit - 8 May 2025
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware - 8 May 2025
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT - 8 May 2025
Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki - 7 May 2025
PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway - 7 May 2025
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines - 7 May 2025
Cyberattack puts healthcare on hold for hundreds in St. Louis metro - 7 May 2025
Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY) - 7 May 2025
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws - 7 May 2025
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks - 7 May 2025
Europol: DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains - 7 May 2025
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection - 7 May 2025
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version - 7 May 2025
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization - 7 May 2025
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times - 7 May 2025
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware - 7 May 2025
GlobalX, Airline for Trump’s Deportations, Hacked - 6 May 2025
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet - 6 May 2025
New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims - 6 May 2025
Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches - 6 May 2025
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks - 6 May 2025
IT warning after 160-year-old firm goes into administration following a ransomware attack - 6 May 2025
Entra ID Data Protection: Essential or Overkill? - 6 May 2025
California man pleads guilty to wire fraud for $1 million fraud scheme to steal from his employer - 6 May 2025
Alleged Nomad Bridge Hacker Arrested and Faces US Extradition - 6 May 2025
Google Fixes Actively Exploited Android System Flaw in May 2025 Security Update - 6 May 2025
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence - 6 May 2025
Negotiations with the Akira ransomware group: an ill-advised approach - 5 May 2025
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed - 5 May 2025
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi - 5 May 2025
Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace - 5 May 2025
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors - 5 May 2025
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data - 5 May 2025
Data Breach at Fowler Elementary School District: The Interlock Ransomware Group’s Attack - 4 May 2025
Disney Hacker Who Accessed 1.1 Terabytes of Data Pleads Guilty - 4 May 2025
Patients left in the dark months almost a year after criminals leaked sensitive medical data from Synnovis - 4 May 2025
Co-op hackers boast of ‘stealing 20 million customers’ data’ – as retailer admits impacts of ‘significant’ attack - 3 May 2025
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack - 3 May 2025
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware - 3 May 2025
Acadian Ambulance Seeks Dismissal of Data Breach Lawsuit - 3 May 2025
Hacker hired Telangana man to courier threats to Star Health Insurance MD - 3 May 2025
Saskatoon children’s hospital nurse unlawfully snooped on records of 314 patients: privacy report - 3 May 2025
Dating app Raw exposed users’ location data and personal information - 3 May 2025
Qilin announces attack on Cobb County, Georgia - 3 May 2025
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems - 3 May 2025
US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks - 2 May 2025
“SCAM” is a four-letter word: BreachForums edition - 2 May 2025
Ukrainian National Extradited from Spain to Face Conspiracy to Use Ransomware Charge - 2 May 2025
TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China - 2 May 2025
How to Automate CVE and Vulnerability Advisory Response with Tines - 2 May 2025
OK: Cyberattack shuts down Bartlesville School network, state testing postponed - 2 May 2025
Gov’t orders SKT to notify individual users whose data may have been breached - 2 May 2025
MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks - 2 May 2025
Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support - 2 May 2025
New York’s Latest Cyber Rules Pressure Small Companies, Vendors - 1 May 2025
Raytheon Companies and Nightwing Group to Pay $8.4M to Resolve False Claims Act Allegations Relating to Non-Compliance with Cybersecurity Requirements in Federal Contracts - 1 May 2025
Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers - 1 May 2025
Sophos Firewall v21.5: Entra ID SSO for Sophos Connect - 1 May 2025
Why top SOC teams are shifting to Network Detection and Response - 1 May 2025
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign - 1 May 2025
Data breach at collections vendor could affect some Bristol, Tennessee accounts - 1 May 2025
Za: Cell C confirms data breach, warns users to remain vigilant - 1 May 2025
Texas Health and Human Services Commission Notifies Additional Individuals Regarding Insider Wrongdoing Breach - 1 May 2025
Cybersecurity experts investigating “suspicious activity” in Iowa County network - 1 May 2025
Barnstable County Sheriff’s Office Employee On Leave, Suspected In Data Breach - 1 May 2025
45 CHS hospitals were affected by the Oracle Health outage - 1 May 2025
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics - 1 May 2025
New Research Reveals: 95% of AppSec Fixes Don’t Reduce Risk - 1 May 2025
Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach - 1 May 2025
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models - 1 May 2025
Investigators don’t know who leaked a Wisconsin Supreme Court draft order on abortion case - 30 April 2025
Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense - 30 April 2025
Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks - 30 April 2025
Google warns of data security risks if Chrome is sold off - 30 April 2025
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool - 30 April 2025
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats - 30 April 2025
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About - 30 April 2025
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control - 30 April 2025
Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code - 30 April 2025
Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations - 30 April 2025
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems - 29 April 2025
WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy - 29 April 2025
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients - 29 April 2025
Product Walkthrough: Securing Microsoft Copilot with Reco - 29 April 2025
Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products - 29 April 2025
Pro-Russian hackers strike Dutch municipalities with coordinated DDoS attack - 29 April 2025
EFF Leads Prominent Security Experts in Urging Trump Administration to Leave Chris Krebs Alone - 29 April 2025
Marks & Spencer breach linked to Scattered Spider ransomware attack - 29 April 2025
Finding Minhook in a sideloading attack – and Sweden too - 29 April 2025
Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool - 29 April 2025
CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database - 29 April 2025
⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More - 28 April 2025
How Breaches Start: Breaking Down 5 Real Vulns - 28 April 2025
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools - 28 April 2025
WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors - 28 April 2025
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised - 28 April 2025
Russian-linked hackers appear to have launched a crippling cyberattack on Western New Mexico University - 27 April 2025
SK Telecom vows to take full responsibility for damage from recent data leak - 27 April 2025
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers - 27 April 2025
North Dakota Expands Data Security Requirements and Issues New Licensing Requirements for Brokers - 26 April 2025
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion - 26 April 2025
Oregon court dismisses lawsuit over 2023 MOVEit data breach affecting 3.5 million Oregonians - 26 April 2025
High Court rules landlord entitled to additional £6m indemnity from insurance broker after data breach - 26 April 2025
Oregon DEQ won’t say if ransomware group took employee data in cyberattack - 26 April 2025
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation with Comprehensive Neurology, PC - 25 April 2025
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector - 25 April 2025
Scattered Spider Hacking Suspect Extradited to US From Spain - 25 April 2025
Several more lawsuits filed against Frederick Health Hospital related to data breach, cybersecurity failures - 25 April 2025
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here’s the conclusions! - 25 April 2025
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures - 25 April 2025
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers - 25 April 2025
Why NHIs Are Security’s Most Dangerous Blind Spot - 25 April 2025
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks - 25 April 2025
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers - 25 April 2025
Former Disney employeedwho hacked Disney World restaurant menus in revenge sentenced to 3 years in federal prison - 24 April 2025
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware - 24 April 2025
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure - 24 April 2025
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools - 24 April 2025
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals - 24 April 2025
No need to hack when it’s leaking: Atrium Health edition - 24 April 2025
High court upholds damages in ICBC privacy breach that resulted in shootings, arson - 24 April 2025
HHS Office for Civil Rights Settles Phishing Attack Breach with Health Care Network for $600,000 - 24 April 2025
DOGE Sued Over Record Keeping, Failing to Reply to FOIA Requests - 24 April 2025
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely - 24 April 2025
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign - 24 April 2025
Blue Shield of California shared the health data of 4.7 million people with Google for years - 24 April 2025
County auditor ordered to pay $80k after cyberattack - 24 April 2025
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads - 23 April 2025
Former U.S. Army Intelligence Analyst Sentenced for Selling Sensitive Military Information to Individual Tied to Chinese Government - 23 April 2025
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack - 23 April 2025
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - 23 April 2025
DOGE Ransomware Hackers Demand $1 Trillion - 23 April 2025
Au: Hacking suspect nabbed over court file data breach - 23 April 2025
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices - 23 April 2025
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp - 23 April 2025
Three Reasons Why the Browser is Best for Stopping Phishing Attacks - 23 April 2025
Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack - 23 April 2025
Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito - 23 April 2025
Cyberattack targets thousands of students, staff members at Baltimore City Public Schools - 22 April 2025
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals - 22 April 2025
Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals - 22 April 2025
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages - 22 April 2025
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials - 22 April 2025
5 Major Concerns With Employees Using The Browser - 22 April 2025
Ex-employee, firm head booked for data theft - 22 April 2025
Hospital Español Auxilio Mutuo de Puerto Rico notifies patients of September 2023 cyberattack - 22 April 2025
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach - 22 April 2025
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware - 22 April 2025
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan - 21 April 2025
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks - 21 April 2025
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More - 21 April 2025
5 Reasons Device Management Isn’t Device Trust - 21 April 2025
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery - 21 April 2025
Chinese Ghost Hackers Hit Hospitals And Factories In America And U.K. - 20 April 2025
Behavioral Health Resources of Washington state updates its data breach disclosure - 20 April 2025
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures - 20 April 2025
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems - 19 April 2025
Baltimore City State’s Attorney’s Office hacked; Data leaked - 19 April 2025
Breaches Within Breaches: Contractual Obligations After a Security Incident - 19 April 2025
Don’t be so quick to claim there’s no reason to believe there’s compromise of patient info: Saturday edition - 19 April 2025
NDPC, Health Ministry Partner to Boost Data Protection in Healthcare - 19 April 2025
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware - 19 April 2025
Radiology practice reportedly working with FBI after ‘data security incident’ - 18 April 2025
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States - 18 April 2025
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader - 18 April 2025
[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach - 18 April 2025
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT - 18 April 2025
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download - 18 April 2025
Moving CVEs past one-nation control - 17 April 2025
HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation with Guam Memorial Hospital Authority - 17 April 2025
Edmond cybersecurity CEO accused of planting malware on hospital computers - 17 April 2025
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates - 17 April 2025
Artificial Intelligence – What’s all the fuss? - 17 April 2025
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns - 17 April 2025
British law firm fined after ransomware group publishes confidential client data - 17 April 2025
Former CISA director Chris Krebs vows to fight back against Trump-ordered federal investigation - 17 April 2025
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords - 17 April 2025
Hacking group Anonymous targets Russia, releases Trump files - 17 April 2025
A whistleblower’s disclosure details how DOGE may have taken sensitive labor data - 17 April 2025
CISA warns of increased breach risks following Oracle Cloud leak - 17 April 2025
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers - 17 April 2025
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution - 17 April 2025
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices - 17 April 2025
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks - 16 April 2025
Nude photos and names: KU Health and Kansas hospital sued for data breach - 16 April 2025
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler - 16 April 2025
Maryland Man Pleads Guilty to Conspiracy to Commit Wire Fraud - 16 April 2025
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024 - 16 April 2025
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains - 16 April 2025
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins - 16 April 2025
Sophos India Volunteers Bring Color to Local Schools - 16 April 2025
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks - 16 April 2025
Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense - 16 April 2025
South Africa Introduces Mandatory e-Portal Reporting for Data Breaches - 16 April 2025
Sophos Annual Threat Report appendix: Most frequently encountered malware and abused software - 16 April 2025
The Sophos Annual Threat Report: Cybercrime on Main Street 2025 - 16 April 2025
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users - 16 April 2025
U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert - 16 April 2025
BakerHostetler’s 2025 Data Security Incident Response Report Finds Less Malware Used in 2024 - 15 April 2025
4chan hacked, internal data leaked on rival image board - 15 April 2025
Sophos Firewall v21.5: NDR Essentials - 15 April 2025
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence - 15 April 2025
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders - 15 April 2025
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool - 15 April 2025
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds - 15 April 2025
Kyiv Region Police Expose Hackers Who Infected Notaries’ Computers with Viruses and Changed Data in State Registries - 15 April 2025
The Most Dangerous Hackers You’ve Never Heard Of - 15 April 2025
China accuses US of launching ‘advanced’ cyberattacks, names alleged NSA agents - 15 April 2025
The art of restraint: why not every system should be owned - 15 April 2025
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges - 15 April 2025
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability - 15 April 2025
Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval - 15 April 2025
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading - 14 April 2025
Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft - 14 April 2025
Dialysis firm DaVita hit by ransomware attack - 14 April 2025
⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More - 14 April 2025
Smiley calls for data sharing once Providence gets its schools back from state - 14 April 2025
IAF jet on Myanmar relief operation faced cyber attack in air - 14 April 2025
Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind - 14 April 2025
Psychiatric documents with sensitive patient info found ‘loosely blown about’ near Regina medical clinic - 14 April 2025
Another entity reports the Nationwide Recovery Service data breach of 2024 - 14 April 2025
Queensland has a new breach notification law going into effect July 1, 2025 - 14 April 2025
Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT - 14 April 2025
SK.com allegedly hacked by Qilin - 12 April 2025
UnitedHealth is demanding some struggling doctors immediately repay loans issued after last year’s cyberattack - 12 April 2025
Justice Department Implements Critical National Security Program to Protect Americans’ Sensitive Data from Foreign Adversaries - 11 April 2025
Patient data leaked from cyberattack on Brunswick Medical Center - 11 April 2025
Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit - 11 April 2025
Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors - 11 April 2025
Initial Access Brokers Shift Tactics, Selling More for Less - 11 April 2025
In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks - 11 April 2025
Preservation notice sent to Radford University in widening data leak case - 11 April 2025
No need to hack when it’s leaking: SavantCare edition - 11 April 2025
Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways - 11 April 2025
SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps - 11 April 2025
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation - 11 April 2025
Physicians’ billing and revenue management firm hit by LockBit - 10 April 2025
HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty - 10 April 2025
Major data breach affects multiple Dutch ministries, impact still unclear - 10 April 2025
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes - 10 April 2025
Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses - 10 April 2025
Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns - 10 April 2025
Pulse Urgent Care Center appears to be the victim of a ransomware attack - 10 April 2025
Germany suspects Russian cyber attack on research group - 10 April 2025
Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in Ukraine - 10 April 2025
PlayPraetor Reloaded: CTM360 Uncovers a Play Masquerading Party - 10 April 2025
The Identities Behind AI Agents: A Deep Dive Into AI & NHI - 10 April 2025
Europol Arrests Five SmokeLoader Clients Linked by Seized Database Evidence - 10 April 2025
AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections - 10 April 2025
Industrial-strength April Patch Tuesday covers 135 CVEs - 9 April 2025
Oracle’s statement to customers is still raising questions about its disclosure and transparency - 9 April 2025
Lovable AI Found Most Vulnerable to VibeScamming — Enabling Anyone to Build Live Scam Pages - 9 April 2025
Fall River schools chief: No insurance for cyberattack; says computer system remains down - 9 April 2025
MrBeast sues former employee for stealing confidential files and installing hidden cameras in company offices - 9 April 2025
CISA, experts warn of Crush file transfer attacks after a controversial disclosure - 9 April 2025
2024 Year in Review: Data Breach Litigation - 9 April 2025
New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner - 9 April 2025
Explosive Growth of Non-Human Identities Creating Massive Security Blind Spots - 9 April 2025
CISA Warns of CentreStack’s Hard-Coded MachineKey Vulnerability Enabling RCE Attacks - 9 April 2025
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware - 9 April 2025
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability - 9 April 2025
Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered - 8 April 2025
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw - 8 April 2025
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings - 8 April 2025
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal - 8 April 2025
Sophos Firewall v21.5 early access is now available - 8 April 2025
E-ZPass toll payment texts return in massive phishing wave - 8 April 2025
UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine - 8 April 2025
Agentic AI in the SOC – Dawn of Autonomous Alert Triage - 8 April 2025
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation - 8 April 2025
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities - 8 April 2025
When the victimizers become the victims…. RansomHub the victim of a takeover? - 7 April 2025
Kaiser fires security exec amid disputed allegations involving a police database breach - 7 April 2025
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks - 7 April 2025
⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More - 7 April 2025
Security Theater: Vanity Metrics Keep You Busy – and Exposed - 7 April 2025
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks - 7 April 2025
Florida man known as “King Bob” pleads guilty to charges related to cryptocurrency theft - 6 April 2025
Unmasking EncryptHub: Help from ChatGPT & OPSEC blunders - 5 April 2025
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws - 5 April 2025
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages - 5 April 2025
Chinese hacker “Crazyhunter” behind ransomware attack on MacKay Hospital, others: CIB - 5 April 2025
Lawsuit: Pharmacist used spyware on UMMS computers to watch women, gain personal information - 5 April 2025
Could Trump Budget Cuts Lead to More Cyberattacks Against Schools? - 5 April 2025
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data - 5 April 2025
Hackers strike Australia’s largest pension funds in coordinated attacks - 4 April 2025
16 months after they experienced a ransomware attack, Dameron Hospital notifies those affected - 4 April 2025
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack - 4 April 2025
Have We Reached a Distroless Tipping Point? - 4 April 2025
OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers - 4 April 2025
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware - 4 April 2025
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code - 4 April 2025
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware - 4 April 2025
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware - 3 April 2025
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware - 3 April 2025
AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar - 3 April 2025
Sensitive data was leaked in 2024 Highline Public Schools ransomware attack - 3 April 2025
Hacking Verizon Call Records: A Security Breach with National Security Implications - 3 April 2025
AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock - 3 April 2025
Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent - 3 April 2025
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices - 3 April 2025
Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation - 3 April 2025
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign - 3 April 2025
Lawmakers warn of impact HHS firings will have on medical device cybersecurity efforts - 2 April 2025
Cyberattack Forces Tribal Casino to Shut Down Slots - 2 April 2025
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse - 2 April 2025
Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers - 2 April 2025
Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers - 2 April 2025
China Regulator Proposes Amendments to Cybersecurity Law - 2 April 2025
UK data centres, hospitals, and energy companies targeted by new cybersecurity laws - 2 April 2025
How SSL Misconfigurations Impact Your Attack Surface - 2 April 2025
It takes two: The 2025 Sophos Active Adversary Report - 2 April 2025
FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites - 2 April 2025
New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth - 2 April 2025
Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign - 1 April 2025
Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform - 1 April 2025
Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing - 1 April 2025
Vitenas Cosmetic Surgery patient data hacked and leaked - 1 April 2025
New Case Study: Global Retailer Overshares CSRF Tokens with Facebook - 1 April 2025
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions - 1 April 2025
Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign - 1 April 2025
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices - 1 April 2025
Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream - 1 April 2025
Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices - 1 April 2025
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp - 31 March 2025
HK: Data breach of 128,000 ‘due to system fix and neglect’ - 31 March 2025
Former GCHQ intern admits top secret data breach risking national security - 31 March 2025
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service - 31 March 2025
National Defense Corporation victim of ransomware attack; discloses breach and declines to pay any ransom. - 31 March 2025
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images - 31 March 2025
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More - 31 March 2025
5 Impactful AWS Vulnerabilities You’re Responsible For - 31 March 2025
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine - 31 March 2025
Shoot the Messenger, Sunday Edition: Reporting on a leak is not unethical, Hamilton County - 30 March 2025
The PIPC Sanctions Woori Card for Data Breaches, Imposing KRW 13.45 billion - 30 March 2025
T-Mobile prepares $350 million payments for data breach settlement - 30 March 2025
Canada’s Privacy Commissioner launches breach risk self-assessment tool for organizations - 30 March 2025
United States Unseals Charges Against Aubrey Cottle for Theft of Texas Republican Party Data - 30 March 2025
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features - 30 March 2025
New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials - 29 March 2025
BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability - 28 March 2025
How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack - 28 March 2025
Oracle Health breach compromises patient data at US hospitals - 28 March 2025
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA - 28 March 2025
CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection - 28 March 2025
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity - 28 March 2025
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it - 28 March 2025
Change Healthcare Seeks Dismissal of Data Breach Lawsuits Brought by Consumers and Medical Providers - 28 March 2025
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps - 28 March 2025
Stealing user credentials with evilginx - 28 March 2025
Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability - 28 March 2025
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts - 28 March 2025
Furry hackers who leaked Project 2025 firm’s data fear leader raided by feds - 27 March 2025
Canadian citizen allegedly involved in Snowflake attacks consents to extradition to US - 27 March 2025
Sophos ranked #1 overall for Firewall, MDR, and EDR in the G2 Spring 2025 Reports - 27 March 2025
Four months after learning of a vendor’s breach, Concord Orthopaedics notifies almost 68,000 patients - 27 March 2025
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records - 27 March 2025
Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure - 27 March 2025
Hackers Repurpose RansomHub’s EDRKillShifter in Medusa, BianLian, and Play Attacks - 27 March 2025
APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware - 27 March 2025
New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It - 27 March 2025
Trump’s Top Aides Suffer Another Series of Embarrassing Data Blunders - 27 March 2025
Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior - 27 March 2025
Shifting the sands of RansomHub’s EDRKillShifter - 27 March 2025
Oracle customers confirm data stolen in alleged cloud breach is valid - 27 March 2025
PJobRAT makes a comeback, takes another crack at chat apps - 27 March 2025
Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert! - 27 March 2025
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms - 27 March 2025
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems - 27 March 2025
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices - 27 March 2025
Private Data and Passwords of Senior U.S. Security Officials Found Online - 26 March 2025
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations - 26 March 2025
Memo: Hamilton County data breach has gone unreported - 26 March 2025
Defense Contractor MORSECORP Inc. Agrees to Pay $4.6 Million to Settle Cybersecurity Fraud Allegations - 26 March 2025
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment - 26 March 2025
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware - 26 March 2025
Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience - 26 March 2025
Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks - 26 March 2025
How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More - 26 March 2025
American Oversight v. Hegseth, Gabbard, Ratcliffe, Bessent, Rubio, and NARA Regarding Military Actions Planned on Signal Messaging App - 26 March 2025
Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms - 26 March 2025
New Security Flaws Found in VMware Tools and CrushFTP — High Risk, No Workaround - 26 March 2025
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks - 26 March 2025
A Sneaky Phish Just Grabbed my Mailchimp Mailing List - 25 March 2025
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker - 25 March 2025
Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years - 25 March 2025
AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface - 25 March 2025
Malaysia’s Anwar says ‘no way’ to US$10 million ransom demand to end airport cyberattack - 25 March 2025
Delete your DNA from 23andMe right now - 25 March 2025
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps - 25 March 2025
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust - 25 March 2025
The Trump Administration Accidentally Texted Me Its War Plans - 24 March 2025
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication - 24 March 2025
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks - 24 March 2025
VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics - 24 March 2025
Ukrainian Railways hit by ‘large-scale, targeted cyberattack’ - 24 March 2025
How to Balance Password Security Against User Experience - 24 March 2025
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More - 24 March 2025
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware - 24 March 2025
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks - 24 March 2025
Trump Administration Begins Shifting Cyberattack Response to States - 23 March 2025
Over 3 million applicants’ data leaked on NYU’s website - 23 March 2025
Attorney General James Secures $975,000 from Auto Insurance Company over Data Breach - 23 March 2025
Union County’s computer network breached, personal information accessed - 23 March 2025
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets - 23 March 2025
Indiana health systems unite to help smaller providers tackle cybersecurity - 22 March 2025
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe - 22 March 2025
HHS’ Office for Civil Rights Settles HIPAA Security Rule Investigation with Health Fitness Corporation; $227k monetary penalty plus corrective action plan - 21 March 2025
No need to hack when it’s leaking: OrthoMinds edition - 21 March 2025
Mission, Texas expects ransomware impact to last months - 21 March 2025
Watsonville Community Hospital still hasn’t notified all those affected by a November data breach; employees are reporting tax refund fraud - 21 March 2025
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools - 21 March 2025
Hacktivists claim cyber-sabotage of 116 Iranian ships - 21 March 2025
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates - 21 March 2025
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers - 21 March 2025
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families - 21 March 2025
10 Critical Network Pentest Findings IT Teams Overlook - 21 March 2025
Ninth Circuit Reverses Probation Sentence for Paige Thompson - 21 March 2025
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility - 21 March 2025
Former University of Michigan Football Quarterbacks Coach and Co-Offensive Coordinator Indicted on Charges of Unauthorized Access to Computers and Aggravated Identity Theft - 20 March 2025
Security Researcher Comments on HIPAA Security Rule - 20 March 2025
Department of Defense civilian employee pleads guilty to taking classified documents - 20 March 2025
The future of MFA is clear – but is it here yet? - 20 March 2025
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users - 20 March 2025
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems - 20 March 2025
Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users - 20 March 2025
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model - 20 March 2025
Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data - 20 March 2025
DOGE to Fired CISA Staff: Email Us Your Personal Data - 20 March 2025
Casual White House Starlink Use Is A Cybersecurity Nightmare, A Transparency Problem, And A Weird Marketing Stunt - 20 March 2025
Names, bank info, and more spills from top sperm bank - 20 March 2025
Hong Kong passes its first cybersecurity bill covering critical infrastructure - 20 March 2025
CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation - 20 March 2025
Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers - 20 March 2025
CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages - 20 March 2025
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners - 19 March 2025
Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia - 19 March 2025
ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers - 19 March 2025
Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen - 19 March 2025
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security - 19 March 2025
The sixth sense for cyber defense: Multimodal AI - 19 March 2025
Extortion Reboot: Ransomware Crew Threatens Leak to Snowden - 19 March 2025
Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems - 19 March 2025
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise - 19 March 2025
The Escalating Challenge of Insider Threats - 18 March 2025
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors - 18 March 2025
Australia Sues FIIG Investment Firm in Cyber ‘Wake-Up Call’ - 18 March 2025
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security - 18 March 2025
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking - 18 March 2025
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017 - 18 March 2025
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads - 18 March 2025
Alleged Data Breach at Korea Aerospace Research Institute Sparks Major Investigation - 18 March 2025
BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse - 18 March 2025
How to Improve Okta Security in Four Steps - 18 March 2025
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation - 18 March 2025
Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets - 18 March 2025
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure - 17 March 2025
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions - 17 March 2025
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year - 17 March 2025
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks - 17 March 2025
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More - 17 March 2025
DOGE Staffer Broke Treasury Rules Transmitting Personal Data - 17 March 2025
Microsoft wouldn’t look at a bug report without a video. Researcher maliciously complied - 17 March 2025
Almost one month after Brain Cipher claimed to have attacked them, Pulmonary Physicians of South Florida has yet to publicly confirm or deny any breach - 17 March 2025
What is WikiLeaksV2 doing with a ransomware gang? Spoiler alert: It’s not extortion. - 17 March 2025
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories - 17 March 2025
Courts Are Still Willing To Dismiss Data Breach Lawsuits for Lack of Standing - 16 March 2025
Appellate court upholds sentence for former Uber cyber executive Joe Sullivan - 16 March 2025
FCC proposes new cybersecurity mandates for submarine cable operators in major rule review, seeks public input - 16 March 2025
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal - 15 March 2025
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges - 14 March 2025
GSMA Confirms End-to-End Encryption for RCS, Enabling Secure Cross-Platform Messaging - 14 March 2025
Why Most Microsegmentation Projects Fail—And How Andelyn Biosciences Got It Right - 14 March 2025
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom - 14 March 2025
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions - 14 March 2025
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection - 14 March 2025
Dual Russian And Israeli National Extradited To The United States For His Role In The LockBit Ransomware Conspiracy - 13 March 2025
Breach notifications needed to be made faster in 2024. Instead, they were made more slowly. - 13 March 2025
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails - 13 March 2025
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps - 13 March 2025
FMS: YAP Health Services disrupted by ransomware attack - 13 March 2025
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks - 13 March 2025
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025 - 13 March 2025
South Korea: Modetour Network fined 740 million won for hacking incident; Meta loses appeal of 6.7 billion won fine - 13 March 2025
#StopRansomware: Medusa Ransomware - 13 March 2025
WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback - 13 March 2025
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk - 13 March 2025
Takeaways from our investigation on AI-powered school surveillance - 12 March 2025
Pinehurst Radiology Associates remains closed more than 1 month after cyberattack - 12 March 2025
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits - 12 March 2025
Swiss critical sector faces new 24-hour cyberattack reporting rule - 12 March 2025
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack - 12 March 2025
Pentesters: Is AI Coming for Your Role? - 12 March 2025
Little fires everywhere for March Patch Tuesday - 12 March 2025
URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days - 12 March 2025
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks - 12 March 2025
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks - 11 March 2025
Sophos Recognized as Top Employer in British Columbia, Canada - 11 March 2025
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices - 11 March 2025
Your Risk Scores Are Lying: Adversarial Exposure Validation Exposes Real Threats - 11 March 2025
Computers containing thousands of patients’ records stolen from Belfast hospital - 11 March 2025
Steganography Explained: How XWorm Hides Inside Images - 11 March 2025
Sunflower Medical Group notifies 220,968 of December cyberattack by Rhysida - 11 March 2025
Center for Digestive Health notifies patients of April 2024 cyberattack - 11 March 2025
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches - 11 March 2025
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa - 11 March 2025
CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List - 10 March 2025
Attorney General James Sues National General and Allstate Insurance for Failing to Protect New Yorkers’ Personal Information - 10 March 2025
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials - 10 March 2025
Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links - 10 March 2025
Why The Modern Google Workspace Needs Unified Security - 10 March 2025
Fostering Gender Equality: Sophos Celebrates International Women’s Day with Global Initiatives - 10 March 2025
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact - 10 March 2025
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools - 10 March 2025
Endless Mountains Health Systems affected by cyberattack; patients alerted to situation - 9 March 2025
Akira ransomware gang used an unsecured webcam to bypass EDR - 9 March 2025
SSK Plastic Surgery discloses it experienced a hack and extortion attempt in 2024 - 8 March 2025
Extensive US public school employee data compromise reported from Carruth Compliance Consulting breach - 8 March 2025
White House cyber director’s office set for more power under Trump, experts say - 8 March 2025
Texas Man Convicted of Sabotaging his Employer’s Computer Systems and Deleting Data - 7 March 2025
Hackers expose information for 700,000 current and former Chicago students, district says - 7 March 2025
Taipei’s Mackay Memorial Hospital patient information allegedly sold online - 7 March 2025
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations - 7 March 2025
Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide - 7 March 2025
Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive - 7 March 2025
What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey - 7 March 2025
U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website - 7 March 2025
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions - 7 March 2025
Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist - 7 March 2025
PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors - 6 March 2025
Expanded management regions for Sophos DNS Protection - 6 March 2025
Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom - 6 March 2025
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing - 6 March 2025
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution - 6 March 2025
Outsmarting Cyber Threats with Attack Graphs - 6 March 2025
NHS investigates API flaw that exposed patient data - 6 March 2025
A Brief Reminder About the Florida Information Protection Act - 6 March 2025
Justice Department Charges 12 Chinese Contract Hackers and Law Enforcement Officers in Global Computer Intrusion Campaigns - 6 March 2025
Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters - 6 March 2025
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access - 6 March 2025
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations - 6 March 2025
Whitman Hospital & Medical Clinics In Colfax Suffers Cyber Attack - 5 March 2025
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access - 5 March 2025
Supreme Court declines to weigh in on FQHC’s patient data security liability - 5 March 2025
Rite Aid Agrees to $6.8M Settlement Over Data Breach Lawsuit - 5 March 2025
HCRG Care’s lawyers claimed an injunction issued in a “private” hearing required us to remove two posts. We didn’t comply. - 5 March 2025
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America - 5 March 2025
Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud - 5 March 2025
Defending against USB drive attacks with Wazuh - 5 March 2025
Identity: The New Cybersecurity Battleground - 5 March 2025
Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants - 5 March 2025
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems - 5 March 2025
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates - 4 March 2025
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches - 4 March 2025
Japanese cancer hospital confirms breach; Qilin gang claims responsibility - 4 March 2025
How New AI Agents Will Transform Credential Stuffing Attacks - 4 March 2025
Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers - 4 March 2025
Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector - 4 March 2025
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm - 4 March 2025
Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities - 3 March 2025
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail - 3 March 2025
FTC, MGM close to solving dispute over costly 2023 cyberattack - 3 March 2025
U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices - 3 March 2025
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks - 3 March 2025
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites - 3 March 2025
⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists - 3 March 2025
FBCS updates the number affected in its 2024 breach to 4,253,394 - 3 March 2025
Info accessed in Rainbow board data breach ‘deleted and has not been shared’ - 3 March 2025
The New Ransomware Groups Shaking Up 2025 - 3 March 2025
Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries - 3 March 2025
Black Basta exposed: A look at a cybercrime data leak and a key member, “Tramp” - 2 March 2025
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language - 1 March 2025
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone - 28 February 2025
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable - 28 February 2025
5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs - 28 February 2025
Data Breach Class Action Dismissed After ‘Alter Ego’ Doctrine Fails - 28 February 2025
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme - 28 February 2025
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus - 28 February 2025
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training - 28 February 2025
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations - 27 February 2025
Quantifying ROI: Understanding the impact of cybersecurity products and services on cyber insurance claims - 27 February 2025
New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades - 27 February 2025
89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals - 27 February 2025
Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware - 27 February 2025
Criminal hacker known as ALTDOS, DESORDEN, GHOSTR and 0mid16B arrested - 27 February 2025
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices - 27 February 2025
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers - 27 February 2025
Imprisoned IRS Contractor Leaked Information of Over 400,000 Taxpayers - 26 February 2025
Medical Billing Vendor Sued Over Health Data Leak ‘Gold Mine’ - 26 February 2025
Business Associate breaches account for the largest percentage of breached patient records - 26 February 2025
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites - 26 February 2025
New license expiration alerts help you avoid protection gaps - 26 February 2025
Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach - 26 February 2025
Bluesight’s 2025 Breach Barometer Report Reveals Surge in Healthcare Data Breaches - 26 February 2025
Leaked Black Basta Chat Logs Reveal $107M Ransom Earnings and Internal Power Struggles - 26 February 2025
Belgian prosecutor probes alleged Chinese hacking of intelligence service - 26 February 2025
Ransomware attack on Southern Water cost £4.5 million - 26 February 2025
Malicious PyPI Package “automslc” Enables 104K+ Unauthorized Deezer Music Downloads - 26 February 2025
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries - 26 February 2025
New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems - 26 February 2025
Three Password Cracking Techniques and How to Defend Against Them - 26 February 2025
SOC 3.0 – The Evolution of the SOC and How AI is Empowering Human Talent - 26 February 2025
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation - 25 February 2025
Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware - 25 February 2025
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile - 25 February 2025
DISA Global Solutions reports more than 3.3 million people affected by 2024 data breach, but questions remain - 25 February 2025
RansomHub sends a letter to the editor. Really. - 25 February 2025
2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT - 25 February 2025
GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets - 25 February 2025
5 Active Malware Campaigns in Q1 2025 - 25 February 2025
FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services - 25 February 2025
Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA - 24 February 2025
New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer - 24 February 2025
UK: More details emerge about ransomware attack on HCRG by Medusa - 24 February 2025
Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense - 24 February 2025
Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats - 24 February 2025
⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma - 24 February 2025
No need to hack when it’s leaking, Monday edition: TeammateApp - 24 February 2025
Australia Bans Kaspersky Software Over National Security and Espionage Concerns - 24 February 2025
Beverly Hills Plastic Surgeon Jaime Schwartz M.D. Sued for Not Timely Notifying Patients of Two Hacks - 22 February 2025
Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack - 22 February 2025
OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns - 21 February 2025
Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations - 21 February 2025
Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands - 21 February 2025
Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3 - 21 February 2025
Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025 - 21 February 2025
BlackBasta Ransomware Chatlogs Leaked Online - 21 February 2025
Niva Bupa investigates alleged data leak after cyber threat - 21 February 2025
AI-Powered Deception is a Menace to Our Societies - 21 February 2025
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks - 21 February 2025
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks - 21 February 2025
HHS Office for Civil Rights Imposes a $1,500,000 Civil Money Penalty Against Warby Parker in HIPAA Cybersecurity Hacking Investigation - 20 February 2025
No need to hack when it’s leaking, Thursday edition: DM Clinical Research - 20 February 2025
CPPA Brings Enforcement Action Against National Public Data - 20 February 2025
Hackers Claim Data Breach at Bulgaria’s Supreme Administrative Court - 20 February 2025
North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware - 20 February 2025
Medusa ransomware gang demands $2M from UK private health services provider - 20 February 2025
FBI and CISA Warn of Ghost Ransomware - 20 February 2025
Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors - 20 February 2025
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger - 20 February 2025
Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware - 20 February 2025
Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives - 20 February 2025
PCI DSS 4.0 Mandates DMARC By 31st March 2025 - 20 February 2025
Major IVF provider Genea suffers ‘cyber incident’ - 20 February 2025
How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024 - 20 February 2025
Privilege Under Pressure: The Shifting Data Breach Investigation Landscape - 20 February 2025
Microsoft’s End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now - 20 February 2025
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability - 19 February 2025
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability - 19 February 2025
Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes - 19 February 2025
Sophos Firewall v21 MR1 is now available - 19 February 2025
Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted - 19 February 2025
Hundreds of Dutch medical records bought for pocket change at flea market - 19 February 2025
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection - 19 February 2025
The Ultimate MSP Guide to Structuring and Selling vCISO Services - 19 February 2025
There’s a new ransomware player on the scene: the ‘BlackLock’ group has become one of the most prolific operators in the cyber crime industry – and researchers warn it’s only going to get worse for potential victims - 19 February 2025
$10 Infostealers Are Breaching Critical US Security: Military and Even the FBI Hit - 19 February 2025
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack - 19 February 2025
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List - 18 February 2025
Health Net Federal Services, LLC and Centene Corporation Agree to Pay Over $11 Million to Resolve False Claims Act Liability for Cybersecurity Violations - 18 February 2025
Deal leaks: data protection during M&A - 18 February 2025
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now - 18 February 2025
As US newspaper outages drag on, Lee Enterprises blames cyberattack for encrypting critical systems - 18 February 2025
Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks - 18 February 2025
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates - 18 February 2025
The Myth of Jurisdictional Privacy - 18 February 2025
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication - 18 February 2025
Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign - 18 February 2025
Debunking the AI Hype: Inside Real Hacker Tactics - 18 February 2025
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials - 18 February 2025
Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers - 18 February 2025
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics - 17 February 2025
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations - 17 February 2025
Ransomware attack affects Michigan casinos and tribal health centers - 17 February 2025
CISO’s Expert Guide To CTEM And Why It Matters - 17 February 2025
⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More - 17 February 2025
New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations - 17 February 2025
California Teenager Sentenced to 48 Months in Prison for Nationwide Swatting Spree - 15 February 2025
Elon Musk’s DOGE Posts Classified Data On Its New Website - 15 February 2025
Humboldt Independent Practice Association’s breach notification leaves questions unanswered - 15 February 2025
School board approves letter to AG for PowerSchool data breach - 15 February 2025
The Art of the Deal? Bitcoin fraudster tied to 2016 hacking of Democrats is Russian released in exchange for U.S teacher - 15 February 2025
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 15 February 2025
Kuwait busts large-scale cyber attacks - 15 February 2025
Virginia AG’s office says it was struck by ‘sophisticated cyberattack’ - 15 February 2025
Memorial Hospital and Manor notifies 120,085 people of November ransomware attack - 15 February 2025
Bill raising the bar for class-action suits in data breach incidents advances - 15 February 2025
Android’s New Feature Blocks Fraudsters from Sideloading Apps During Calls - 15 February 2025
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution - 14 February 2025
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks - 14 February 2025
Microsoft: Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts - 14 February 2025
RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally - 14 February 2025
AI-Powered Social Engineering: Ancillary Tools and Techniques - 14 February 2025
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks - 13 February 2025
Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners - 13 February 2025
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks - 13 February 2025
Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams - 13 February 2025
Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack - 13 February 2025
AI and Security – A New Puzzle to Figure Out - 13 February 2025
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software - 13 February 2025
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux - 13 February 2025
Microsoft Uncovers Sandworm Subgroup’s Global Cyber Attacks Spanning 15+ Countries - 12 February 2025
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability - 12 February 2025
Turbocharge your network with our new 10-gigabit switch - 12 February 2025
How to Steer AI Adoption: A CISO Guide - 12 February 2025
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack - 12 February 2025
Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation - 12 February 2025
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now - 12 February 2025
February Patch Tuesday delivers 57 packages - 11 February 2025
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification - 11 February 2025
Sophos AI Assistant: Accelerating security operations with GenAI - 11 February 2025
Phobos Ransomware Affiliates Arrested in Coordinated International Disruption - 11 February 2025
4 Ways to Keep MFA From Becoming too Much of a Good Thing - 11 February 2025
Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions - 11 February 2025
Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks - 11 February 2025
Summerside hospital worker fired for improperly accessing patient files, says Health P.E.I. - 11 February 2025
Uganda court charges senior finance officials with corruption over central bank hacking - 11 February 2025
Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks - 11 February 2025
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment - 11 February 2025
8Base Ransomware Data Leak Sites Seized in International Law Enforcement Operation - 11 February 2025
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update - 10 February 2025
Police arrests 4 Phobos ransomware suspects, seizes 8Base sites - 10 February 2025
Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores - 10 February 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February] - 10 February 2025
Don’t Overlook These 6 Critical Okta Security Configurations - 10 February 2025
DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects - 10 February 2025
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities - 10 February 2025
XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells - 10 February 2025
Teen on Musk’s DOGE Team Graduated from ‘The Com’ - 9 February 2025
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection - 8 February 2025
Indiana Man Sentenced to 20 Years in Federal Prison for Conspiracies Involving Cyber Intrusion and a Massive $37 Million Cryptocurrency Theft - 7 February 2025
DeepSeek App Transmits Sensitive User and Device Data Without Encryption - 7 February 2025
Attorney General James Releases Statement on DOGE Access to Sensitive Personal Information - 7 February 2025
Treasury agrees to block additional DOGE staff from accessing sensitive payment systems - 7 February 2025
CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE - 7 February 2025
Ransomware Payments Dropped to $813 Million in 2024 - 7 February 2025
Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection - 7 February 2025
AI-Powered Social Engineering: Reinvented Threats - 7 February 2025
India’s RBI Introduces Exclusive “bank.in” Domain to Combat Digital Banking Fraud - 7 February 2025
Trimble Cityworks Customers Warned of Zero-Day Exploitation - 7 February 2025
Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware - 7 February 2025
Maybe we should all file breach reports against Musk like Kevin did. - 6 February 2025
House Lawmakers Push to Ban AI App DeepSeek From US Government Devices - 6 February 2025
1,000 Apps Used in Malicious Campaign Targeting Android Users in India - 6 February 2025
Hackers target Taliban databases - 6 February 2025
Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking - 6 February 2025
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023 - 6 February 2025
Hacker Who Targeted NATO, US Army Arrested in Spain - 6 February 2025
Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security - 6 February 2025
Hacker Conversations: David Kennedy – an Atypical Typical Hacker - 6 February 2025
Cyber Insights 2025: OT Security - 6 February 2025
Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US - 6 February 2025
How Agentic AI will be Weaponized for Social Engineering Attacks - 6 February 2025
Semgrep Raises $100M for AI-Powered Code Security Platform - 6 February 2025
Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams - 6 February 2025
7AI Launches With $36 Million in Seed Funding for Agentic Security Platform - 6 February 2025
Cisco Patches Critical Vulnerabilities in Enterprise Security Product - 6 February 2025
Five Eyes Agencies Release Guidance on Securing Edge Devices - 6 February 2025
Security Teams Pay the Price: The Unfair Reality of Cyber Incidents - 6 February 2025
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials - 6 February 2025
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025 - 6 February 2025
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images - 6 February 2025
Top 3 Ransomware Threats Active in 2025 - 6 February 2025
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc - 6 February 2025
Scalable Vector Graphics files pose a novel phishing threat - 5 February 2025
Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested - 5 February 2025
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign - 5 February 2025
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks - 5 February 2025
Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts - 5 February 2025
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack - 5 February 2025
Navigating the Future: Key IT Vulnerability Management Trends - 5 February 2025
AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks - 5 February 2025
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 - 5 February 2025
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access - 4 February 2025
A 25-Year-Old With Elon Musk Ties Has Direct Access to the Federal Payment System - 4 February 2025
Kept in the Dark — Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden - 4 February 2025
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS - 4 February 2025
Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections - 4 February 2025
Cyberattack on NHS causes hospitals to miss cancer care targets - 4 February 2025
Watch Out For These 8 Cloud Security Shifts in 2025 - 4 February 2025
AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access - 4 February 2025
Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks - 4 February 2025
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 - 4 February 2025
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score - 4 February 2025
Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform - 3 February 2025
Romanian Men Indicted For Access Device Fraud - 3 February 2025
Canadian Man Charged in $65M Cryptocurrency Hacking Schemes - 3 February 2025
DISA Incident: Update on Review of ‘Potentially Affected Files’ and Notification Plan - 3 February 2025
Sophos Acquires Secureworks - 3 February 2025
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023 - 3 February 2025
Delta County Memorial Hospital District reveals more about 2024 cyberattack that affected 148,363 people - 3 February 2025
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages - 3 February 2025
What Is Attack Surface Management? - 3 February 2025
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions - 3 February 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February] - 3 February 2025
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware - 3 February 2025
Cover-up Follow-up: Westend Dental starts notifying patients of October 2020 ransomware attack - 2 February 2025
Operation Heart Blocker: Disruption action deals blow to criminal cyber network HeartSender - 1 February 2025
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network - 1 February 2025
BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key - 1 February 2025
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists - 1 February 2025
Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts - 31 January 2025
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors - 31 January 2025
Backdoor found in two healthcare patient monitors, linked to IP in China - 31 January 2025
Heart Centre Cyberattack in Australia, DragonForce Claims Responsibility for Sensitive Data Theft - 31 January 2025
Almost one year later, NorthBay Health notifies 569,012 people of breach of sensitive information - 31 January 2025
Google Bans 158,000 Malicious Android App Developer Accounts in 2024 - 31 January 2025
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns - 31 January 2025
Top 5 AI-Powered Social Engineering Attacks - 31 January 2025
Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft - 31 January 2025
Law enforcement continues efforts to disrupt cybercrime forums and services - 30 January 2025
Exclusive: Apex Custom Software hacked, threat actors threaten to leak the software - 30 January 2025
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations - 30 January 2025
No need to hack when it’s leaking: ZAR clinics edition - 30 January 2025
Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter - 30 January 2025
Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown - 30 January 2025
SOC Analysts – Reimagining Their Role Using AI - 30 January 2025
DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked - 30 January 2025
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks - 30 January 2025
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits - 30 January 2025
New York Blood Center Enterprises Ransomware Attack Update - 29 January 2025
FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent - 29 January 2025
With his criminal trial looming, the hacker known as “DR32” pleaded guilty in federal court - 29 January 2025
Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks - 29 January 2025
Personal medical information might have been exposed on Chicago Department of Public Health dashboard - 29 January 2025
Ransomware attack kept ENGlobal out of some systems for 6 weeks - 29 January 2025
How Interlock Ransomware Infects Healthcare Organizations - 29 January 2025
AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts - 29 January 2025
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits - 29 January 2025
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution - 29 January 2025
How Interlock Ransomware Infects Healthcare Organizations - 29 January 2025
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability - 29 January 2025
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer - 29 January 2025
UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents - 29 January 2025
Attorney General James Secures $450,000 from Companies Selling Home Security Cameras that Failed to Secure Private Videos - 28 January 2025
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks - 28 January 2025
OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking - 28 January 2025
DeepSeek hit with ‘large-scale’ cyber-attack after AI chatbot tops app stores - 28 January 2025
KuCoin Agrees to $297 Million Settlement Over Regulatory Breach - 28 January 2025
Update: Cybercriminals still not fully on board the AI train (yet) - 28 January 2025
Frederick Health recently identified a ransomware attack - 28 January 2025
Beyond the hype: The business reality of AI for cybersecurity - 28 January 2025
AI SOC Analysts: Propelling SecOps into the future - 28 January 2025
How Long Does It Take Hackers to Crack Modern Hashing Algorithms? - 28 January 2025
Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations - 28 January 2025
E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries - 28 January 2025
Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks - 28 January 2025
Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More - 27 January 2025
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs - 27 January 2025
EU sanctions 3 GRU members for cyberattacks against Estonia - 27 January 2025
Hong Kong govt office sorry for losing tapes with personal data - 27 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January] - 27 January 2025
Let’s Secure Insurance failed to secure their own data storage. Now they have a breach. - 27 January 2025
Do We Really Need The OWASP NHI Top 10? - 27 January 2025
GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities - 27 January 2025
MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks - 27 January 2025
Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks - 26 January 2025
Slovak PM accuses Ukraine — without any evidence — of involvement in alleged “massive cyberattack” - 25 January 2025
US Justice Department drops case against Texas doctor charged with leaking transgender care data - 25 January 2025
UnitedHealth estimates 190M people impacted by Change Healthcare cyberattack - 25 January 2025
Hospital El Cruce takes its website offline following a severe cyberattack - 24 January 2025
HCF Management healthcare facilities hit by ransomware attack; more than 70,000 patients affected - 24 January 2025
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations - 24 January 2025
Proposed Turkish Law Could Mean Prison for Reporting Data Leaks - 24 January 2025
2025 State of SaaS Backup and Recovery Report - 24 January 2025
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations - 24 January 2025
Android’s New Identity Check Feature Locks Device Settings Outside Trusted Locations - 24 January 2025
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List - 24 January 2025
PayPal to pay NYS $2M for violating DFS’s Cybersecurity Regulation - 23 January 2025
Hackers Crack Subaru’s Connected Services To Access Location Data, Door Locks And More - 23 January 2025
Orlando Man Pleads Guilty To Conducting Series Of Cyber Intrusions Against Former Employer - 23 January 2025
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers - 23 January 2025
Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks - 23 January 2025
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits - 23 January 2025
Tesla Charger Exploits Earn Hackers $129,000 at Pwn2Own - 23 January 2025
Cisco Patches Critical Vulnerability in Meeting Management - 23 January 2025
Homebrew macOS Users Targeted With Information Stealer Malware - 23 January 2025
Axoflow Raises $7 Million for Security Data Curation Platform - 23 January 2025
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads - 23 January 2025
Record Number of Ransomware Attacks in December 2024 - 23 January 2025
SonicWall Learns From Microsoft About Potentially Exploited Zero-Day - 23 January 2025
New Research: The State of Web Exposure 2025 - 23 January 2025
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation - 23 January 2025
How to Eliminate Identity-Based Threats - 23 January 2025
Oxfam Hong Kong data leak: charity violated data protection law - 23 January 2025
Cloudflare CDN flaw leaks user location data, even through secure chat apps - 23 January 2025
Research Report: The Insider Threat Digital Recruitment Marketplace - 23 January 2025
QakBot-Linked BC Malware Adds Enhanced DNS Tunneling and Remote Access Features - 23 January 2025
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) - 23 January 2025
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware - 23 January 2025
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know - 22 January 2025
Do-Over: “Pompompurin” to be Re-Sentenced - 22 January 2025
Application Security Firm DryRun Raises $8.7 Million in Seed Funding - 22 January 2025
DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots - 22 January 2025
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review - 22 January 2025
Doti AI Raises £7 Million Seed Funding for Instant Access to Internal Company Data - 22 January 2025
Call for Presentations Open for SecurityWeek’s 2025 Supply Chain Security & Third-Party Risk Summit - 22 January 2025
Cyber Insights 2025: APIs – The Threat Continues - 22 January 2025
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet - 22 January 2025
NY Attorney General James Announces Court Win Allowing Lawsuit Against Citibank to Continue - 22 January 2025
Oracle Patches 200 Vulnerabilities With January 2025 CPU - 22 January 2025
Murdoc Botnet Ensnaring Avtech, Huawei Devices - 22 January 2025
Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025 - 22 January 2025
Insider Threats: The Overlooked Risks of Departing Employees and Sensitive Data Theft - 22 January 2025
Record-Breaking DDoS Attack Reached 5.6 Tbps - 22 January 2025
Book Review: Infected – A Candid Look at VirusTotal’s Birth and Legacy - 22 January 2025
Researcher Says ABB Building Control Products Affected by 1,000 Vulnerabilities - 22 January 2025
President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison - 22 January 2025
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks - 22 January 2025
Trump Pardons Founder of Silk Road Website - 22 January 2025
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack - 22 January 2025
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products - 22 January 2025
Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device - 22 January 2025
Today’s reminder not to just repeat threat actors’ claims without checking or attempting to verify them first. - 21 January 2025
Mitiga Banks$30M Series B to Expand Cloud and SaaS Security Platform - 21 January 2025
Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers - 21 January 2025
Cyber Insights 2025: Attack Surface Management - 21 January 2025
Ransomware Groups Abuse Microsoft Services for Initial Access - 21 January 2025
Students, Educators Impacted by PowerSchool Data Breach - 21 January 2025
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks - 21 January 2025
Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties - 21 January 2025
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing” - 21 January 2025
Cybersecurity Incident Impacting Addison Northwest School District (ANWSD) - 21 January 2025
European Commission Publishes Action Plan on Cybersecurity of Hospitals and Healthcare Providers - 21 January 2025
HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects - 21 January 2025
PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers - 21 January 2025
CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits - 20 January 2025
Toronto student information dating back to 1985 may have been accessed in PowerSchool cyber incident - 20 January 2025
Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes - 20 January 2025
DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection - 20 January 2025
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers - 20 January 2025
The U.K. is considering prohibiting ransom payments. It’s a difficult issue. - 20 January 2025
Social Media Security Firm Spikerz Raises $7 Million - 20 January 2025
Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities - 20 January 2025
CISA, FBI Update Software Security Recommendations - 20 January 2025
FCC Taking Action in Response to China’s Telecoms Hacking - 20 January 2025
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI - 20 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January] - 20 January 2025
HPE Investigating Breach Claims After Hacker Offers to Sell Data - 20 January 2025
TikTok Restores Service for US Users Based on Trump’s Promised Executive Order - 20 January 2025
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP - 20 January 2025
TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025 - 19 January 2025
DOJ confirms arrested US Army soldier is linked to AT&T and Verizon hacks - 18 January 2025
FBI Warned Agents It Believes Phone Logs Hacked Last Year - 18 January 2025
Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network - 18 January 2025
TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling - 18 January 2025
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon - 18 January 2025
US Government Agencies Call for Closing the Software Understanding Gap - 17 January 2025
Wolf Haldenstein Data Breach Impacts 3.4 Million People - 17 January 2025
In Other News: Lawsuits and Settlements, CrowdStrike Phish, MITRE’s D3FEND 1.0 - 17 January 2025
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation - 17 January 2025
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation - 17 January 2025
Google Releases Open Source Library for Software Composition Analysis - 17 January 2025
MedSave Health Insurance TPA hacked; firm has yet to comment or respond - 17 January 2025
Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday - 17 January 2025
US Announces Sanctions Against North Korean Fake IT Worker Network - 17 January 2025
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs - 17 January 2025
New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass - 17 January 2025
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal? - 17 January 2025
Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise - 16 January 2025
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China - 16 January 2025
Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting - 16 January 2025
Gootloader inside out - 16 January 2025
Cisco Unveils New AI Application Security Solution - 16 January 2025
Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups - 16 January 2025
Sophos ZTNA Updates - 16 January 2025
Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws - 16 January 2025
Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action - 16 January 2025
Wultra Raises €3 Million for Post-Quantum Authentication - 16 January 2025
North Korean Hackers Targeting Freelance Software Developers - 16 January 2025
380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy - 16 January 2025
Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer - 16 January 2025
Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions - 16 January 2025
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024 - 16 January 2025
New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits - 16 January 2025
Biden Executive Order Aims to Shore Up US Cyber Defenses - 16 January 2025
Cyber Insights 2025: Identities - 16 January 2025
2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records - 16 January 2025
Data From 15,000 Fortinet Firewalls Leaked by Hackers - 16 January 2025
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws - 16 January 2025
Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager - 16 January 2025
Head of US Cybersecurity Agency Says She Hopes It Keeps up Election Work Under Trump - 15 January 2025
HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $10,000 - 15 January 2025
FTC Takes Action Against GoDaddy for Alleged Lax Data Security for Its Website Hosting Services - 15 January 2025
FBI Uses Malware’s Own ‘Self-Delete’ Trick to Erase Chinese PlugX From US Computers - 15 January 2025
DORA’s Deadline Looms: Navigating the EU’s Mandate for Threat Led Penetration Testing - 15 January 2025
Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99 - 15 January 2025
Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes - 15 January 2025
Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes - 15 January 2025
Cyber Insights 2025: Open Source and Software Supply Chain Security - 15 January 2025
North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains - 15 January 2025
Chrome 132 Patches 16 Vulnerabilities - 15 January 2025
Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities - 15 January 2025
The High-Stakes Disconnect For ICS/OT Security - 15 January 2025
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool - 15 January 2025
Fortinet Confirms New Zero-Day Exploitation - 15 January 2025
US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists - 15 January 2025
Ivanti Patches Critical Vulnerabilities in Endpoint Manager - 15 January 2025
New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment - 15 January 2025
ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA - 15 January 2025
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation - 15 January 2025
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks - 15 January 2025
3 Actively Exploited Zero-Day Flaws Patched in Microsoft’s Latest Security Update - 15 January 2025
159-CVE January Patch Tuesday smashes single-month record - 14 January 2025
HHS Office for Civil Rights Settles HIPAA Phishing Cybersecurity Investigation with Solara Medical Supplies, LLC for $3,000,000 - 14 January 2025
Adobe: Critical Code Execution Flaws in Photoshop - 14 January 2025
UK Considers Banning Ransomware Payment by Public Sector and CNI - 14 January 2025
Microsoft Patches Trio of Exploited Windows Hyper-V Zero-Days - 14 January 2025
Biden Signs Executive Order Aimed at Growing AI Infrastructure in the US - 14 January 2025
WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors - 14 January 2025
How to Eliminate “Shadow AI” in Software Development - 14 January 2025
BforeAI Raises $10 Million for Predictive Attack Intelligence - 14 January 2025
Google OAuth Vulnerability Exposes Millions via Failed Startup Domains - 14 January 2025
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation - 14 January 2025
Orchid Security Banks Hefty $36M Seed Round - 14 January 2025
Snyk Says ‘Malicious’ NPM Packages Part of Research Project - 14 January 2025
Cyber Insights 2025: Cyber Threat Intelligence - 14 January 2025
Western Security Agencies Share Advice on Selecting OT Products - 14 January 2025
SAP Patches Critical Vulnerabilities in NetWeaver - 14 January 2025
Robinhood to Pay $45 Million SEC Settlement Over Data Breach, Other Violations - 14 January 2025
Equifax Class Action Settlement 2024 Payment Started, Claimants Getting Paid Via Checks - 14 January 2025
UK floats ransomware payout ban for public sector - 14 January 2025
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks - 14 January 2025
Compromised AWS Keys Abused in Codefinger Ransomware Attacks - 14 January 2025
Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments - 14 January 2025
Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation - 14 January 2025
Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware - 14 January 2025
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored - 14 January 2025
Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces - 14 January 2025
Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions - 14 January 2025
Infostealer Infections Lead to Telefonica Ticketing System Breach - 13 January 2025
CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks - 13 January 2025
AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming - 13 January 2025
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners - 13 January 2025
Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability - 13 January 2025
US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals - 13 January 2025
PowerSchool Faces Suit Over Breach of Student, Teacher Data - 13 January 2025
Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS - 13 January 2025
Emerging FunkSec Ransomware Developed Using AI - 13 January 2025
Former Disney Employee Admits to Hacking Menu System to Change Allergy Information - 13 January 2025
Phishing texts trick Apple iMessage users into disabling protection - 13 January 2025
Ransomware on ESXi: The mechanization of virtualized attacks - 13 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] - 13 January 2025
China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports - 13 January 2025
RIBridges has many lines of defense. How was the system breached? - 13 January 2025
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems - 13 January 2025
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables - 13 January 2025
Nine months after discovering a ransomware attack, Teton Orthopaedics notifies patients - 12 January 2025
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation - 11 January 2025
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering - 11 January 2025
PowerSchool Sued Over December Breach of Student, Teacher Data - 10 January 2025
PowerSchool Incident: A few resources for teachers, parents, and former students - 10 January 2025
Meloni Says Italy Is Exploring Deals on Telecoms Security, but Denies Private Talks With Musk - 10 January 2025
In Other News: Bank of America Warns of Data Breach, Trucking Cybersecurity, Treasury Hack Linked to Silk Typhoon - 10 January 2025
AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics - 10 January 2025
Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs - 10 January 2025
Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach - 10 January 2025
Banshee macOS Malware Expands Targeting - 10 January 2025
Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures - 10 January 2025
PayPal Phishing Campaign Employs Genuine Links to Take Over Accounts - 10 January 2025
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer - 10 January 2025
RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns - 10 January 2025
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices - 10 January 2025
Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity - 10 January 2025
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers - 9 January 2025
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption - 9 January 2025
Darktrace to Acquire Incident Investigation Firm Cado Security - 9 January 2025
Hong Kong privacy watchdog warns URA over leaked details of 199 tenants, owners - 9 January 2025
Hackers Claim To Have Compromised Data Broker Used By U.S. Government To Dodge Warrants - 9 January 2025
Medical Billing Firm Medusind Says Data Breach Impacts 360,000 People - 9 January 2025
SonicWall Patches Authentication Bypass Vulnerabilities in Firewalls - 9 January 2025
GFI KerioControl Firewall Vulnerability Exploited in the Wild - 9 January 2025
Product Review: How Reco Discovers Shadow AI in SaaS - 9 January 2025
The ‘Worst in Show’ CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say - 9 January 2025
Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool - 9 January 2025
From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025 - 9 January 2025
MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan - 9 January 2025
Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions - 9 January 2025
Excelsior Orthopaedics Data Breach Impacts 357,000 People - 9 January 2025
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies - 9 January 2025
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection - 9 January 2025
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws - 9 January 2025
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure - 8 January 2025
HHS Office for Civil Rights Settles HIPAA Security Rule Investigation with USR Holdings, LLC Concerning the Deletion of Electronic Protected Health Information - 8 January 2025
HHS Office for Civil Rights Settles 9th Ransomware Investigation with Virtual Private Network Solutions - 8 January 2025
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product - 8 January 2025
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections - 8 January 2025
Telegram Shared Data of Thousands of Users After CEO’s Arrest - 8 January 2025
Symbol Will Indicate When Connected Devices Are Cyber Secure - 8 January 2025
Japan Links Chinese Hacker MirrorFace to Dozens of Cyberattacks Targeting Security and Tech Data - 8 January 2025
Thousands Impacted by Casio Data Breach - 8 January 2025
Rationalizing the Stack: The Case for Security Vendor Consolidation - 8 January 2025
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques - 8 January 2025
PowerSchool discloses breach affecting hosted and self-hosted school k-12 districts - 8 January 2025
Cybersecurity Funding Reached $9.5 Billion in 2024: Report - 8 January 2025
New Labels Will Help People Pick Devices Less at Risk of Hacking - 8 January 2025
Insider Threat: Tackling the Complex Challenges of the Enemy Within - 8 January 2025
Top 5 Malware Threats to Prepare Against in 2025 - 8 January 2025
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities - 8 January 2025
CISA Warns of Mitel MiCollab Vulnerabilities Exploited in Attacks - 8 January 2025
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks - 8 January 2025
First Android Update of 2025 Patches Critical Code Execution Vulnerabilities - 8 January 2025
FCC Launches ‘Cyber Trust Mark’ for IoT Devices to Certify Security Compliance - 8 January 2025
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation - 7 January 2025
Veracode Targets Malicious Code Threats with Phylum Acquisition - 7 January 2025
HHS Office for Civil Rights Settles 8th Ransomware Investigation with Elgon Information Systems - 7 January 2025
Trolley Problem, Safety Versus Security of Generative AI - 7 January 2025
Chinese Tech Companies Tencent, CATL and Others Protest US Listings as Army-Linked Companies - 7 January 2025
Former NSA Director Rob Joyce Joins DataTribe as Venture Partner - 7 January 2025
Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers - 7 January 2025
Two ransomware groups claimed they attacked Rutherford County Schools. One leaked sensitive records. - 7 January 2025
Washington Attorney General Sues T-Mobile Over 2021 Data Breach - 7 January 2025
Dell, HPE, MediaTek Patch Vulnerabilities in Their Products - 7 January 2025
Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year - 7 January 2025
Critical Infrastructure Ransomware Attack Tracker Reaches 2,000 Incidents - 7 January 2025
CISA: No Federal Agency Beyond Treasury Impacted by BeyondTrust Incident - 7 January 2025
China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks - 7 January 2025
CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing - 7 January 2025
New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities - 7 January 2025
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers - 7 January 2025
Anticipating the Cyber Frontier: Top Predictions for 2025 - 6 January 2025
India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements - 6 January 2025
Code Execution Flaw Found in Nuclei Vulnerability Scanner - 6 January 2025
Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024 - 6 January 2025
Tenable Disables Nessus Agents Over Faulty Updates - 6 January 2025
Cybersecurity M&A Roundup: 37 Deals Announced in December 2024 - 6 January 2025
Is Your Car Spying on You? What It Means That Tesla Shared Data in the Las Vegas Explosion - 6 January 2025
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices - 6 January 2025
From $22M in Ransom to +100M Stolen Records: 2025’s All-Star SaaS Threat Actors to Watch - 6 January 2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan] - 6 January 2025
US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure - 6 January 2025
IT Giant Atos Responds to Ransomware Group’s Data Theft Claims - 6 January 2025
Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages - 6 January 2025
Tenable CEO Amit Yoran Dead at 54 - 6 January 2025
Many researchers are pseudonymous. That doesn’t justify ignoring their alerts. - 5 January 2025
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution - 4 January 2025
New York Modifies Data Breach Law Heading Into 2025 - 4 January 2025
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps - 4 January 2025
U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns - 4 January 2025
India’s Digital Data Protection Framework: Safety, Trust and Resilience - 3 January 2025
Khalil Center’s impressively rapid incident response - 3 January 2025
Feds claims just 7% of available funds from OPM breach settlement, remainder returns to Treasury - 3 January 2025
In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury - 3 January 2025
Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability - 3 January 2025
FireScam Android Malware Packs Infostealer, Spyware Capabilities - 3 January 2025
New York Hospital Says Ransomware Attack Data Breach Impacts 670,000 - 3 January 2025
US Imposes Sanctions on Russian and Iranian Groups Over Disinformation Targeting American Voters - 3 January 2025
New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60% - 3 January 2025
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers - 3 January 2025
Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption - 3 January 2025
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations - 3 January 2025
Apple to Pay $95 Million to Settle Lawsuit Accusing Siri of Snoopy Eavesdropping - 2 January 2025
No need to hack when it’s leaking: Roomster edition - 2 January 2025
US Arrests Army Soldier Over AT&T, Verizon Hacking - 2 January 2025
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API - 2 January 2025
Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them - 2 January 2025
Three Russian-German Nationals Charged with Espionage for Russian Secret Service - 2 January 2025
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT - 2 January 2025
Hacked on Christmas, DEphoto starts notifying customers, only to be attacked again - 1 January 2025
New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites - 1 January 2025
Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics - 1 January 2025
Westend Dental agrees to pay Indiana $350K and to implement corrective action plan to settle charges of multiple HIPAA violations - 31 December 2024
Rhode Islanders’ Data Was Leaked From a Cyberattack on State Health Benefits Website - 31 December 2024
Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign - 31 December 2024
U.S. Army Soldier Arrested in AT&T, Verizon Extortions - 31 December 2024
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy - 31 December 2024
Chinese hackers breached Treasury Department workstations, documents in ‘major cybersecurity incident’ - 31 December 2024
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents - 31 December 2024
Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident - 30 December 2024
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation - 30 December 2024
More details emerge about RIBridges data breach; Deloitte tells state threat actors have leaked data - 30 December 2024
Prioritizing patching: A deep dive into frameworks and tools – Part 2: Alternative frameworks - 30 December 2024
Four-Faith Industrial Router Vulnerability Exploited in Attacks - 30 December 2024
Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks - 30 December 2024
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips - 30 December 2024
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits - 30 December 2024
US Issues Final Rule for Protecting Personal Data Against Foreign Adversaries - 30 December 2024
When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions - 30 December 2024
Cisco Confirms Authenticity of Data After Second Leak - 30 December 2024
Several Chrome Extensions Compromised in Supply Chain Attack - 30 December 2024
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft - 29 December 2024
A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says - 29 December 2024
Philippine Commision on Audit notes dearth of data privacy officers despite law - 28 December 2024
White House Clears HIPAA Security Rule Update - 28 December 2024
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials - 28 December 2024
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign - 27 December 2024
Massive VW Group Data Leak Exposed 800,000 EV Owners’ Movements, From Homes To Brothels - 27 December 2024
Prioritizing patching: A deep dive into frameworks and tools – Part 1: CVSS - 27 December 2024
2024’s Data Breaches: Breaches Handled Badly - 27 December 2024
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia - 27 December 2024
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks - 27 December 2024
Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately - 27 December 2024
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization - 27 December 2024
Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts - 26 December 2024
Defense Giant General Dynamics Says Employees Targeted in Phishing Attack - 26 December 2024
The Intersection of AI and OSINT: Advanced Threats On The Horizon - 26 December 2024
Japan Airlines recovers from cyberattack, confirms no customer data leaks - 26 December 2024
Brazilian Man Charged With Making Extortionate Threats To Publicize Stolen Data Obtained By Unlawful Computer Intrusion - 26 December 2024
Japan Airlines Was Hit by a Cyberattack, Delaying Flights During the Year-End Holiday Season - 26 December 2024
Cl0p Ransomware Group to Name Over 60 Victims of Cleo Attack - 26 December 2024
Jamestown Pharmacist Arrested and Charged with Health Care Fraud and Aggravated Identity Theft in a Multi-Million Dollar Health Care Fraud Scheme - 25 December 2024
Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week - 25 December 2024
Clop ransomware is now extorting 66 Cleo data-theft victims - 25 December 2024
Journalist faces Crime Branch action for exposing data breach, Kerala’s press fights back - 25 December 2024
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now - 25 December 2024
Ruijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks - 25 December 2024
Happy Holidays from DataBreaches.net! - 25 December 2024
Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware - 25 December 2024
FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024 - 24 December 2024
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts - 24 December 2024
American Addiction Centers Data Breach Impacts 422,000 People - 24 December 2024
CA: Electronic data security breach at Milton long-term care home revealed - 24 December 2024
KY: Personal data of Boone, Kenton County students breached, school officials say - 24 December 2024
Today’s insider threat: Ardyss edition - 24 December 2024
2025 NDAA Provides $3 Billion Funding for FCC’s Rip-and-Replace Program - 24 December 2024
Adobe Patches ColdFusion Flaw at High Risk of Exploitation - 24 December 2024
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation - 24 December 2024
North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin - 24 December 2024
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks - 24 December 2024
Live Webinar | Get Ahead and Stay Ahead of Threats with Tanium and Microsoft - 23 December 2024
ENISA: Software vulnerability prevention initiatives - 23 December 2024
Live Webinar | Supercharge Your ServiceNow CMDB with Complete and Real-Time Data - 23 December 2024
Accounting of Disclosures Under the HITECH Act - 23 December 2024
Annual Report to Congress on Breaches of Unsecured Protected Health Information - 23 December 2024
FFIEC Final Authentication Guidance - 23 December 2024
Models Can Strategically Lie, Finds Anthropic Study - 23 December 2024
Turmoil Besets Phishing-as-a-Service Toolkit Rockstar 2FA - 23 December 2024
North Korean Hackers Tied to $1.3B in Stolen Crypto in 2024 - 23 December 2024
US Considers TP-Link Ban After Volt Typhoon Hacking Campaign - 23 December 2024
Illinois Department of Human Services phishing attack affected more than 1.1M public assistance clients - 23 December 2024
Douglas County Health & Human Services notifies patients that former employee accessed their records inappropriately - 23 December 2024
Ascension cyberattack exposed personal data of 5.6 million people - 23 December 2024
The Fine Line Between Ideology and Crime: Understanding the True Purpose of Dragon Ransomware – The Interview - 23 December 2024
Tracker firm Hapn spilled names of thousands of GPS tracking customers - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog, Part 3: Ethics and Goals - 23 December 2024
New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog, Part 2: Methods - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog: Preface - 23 December 2024
Conversation with a “Nam3L3ss” Watchdog, Part 1: Background - 23 December 2024
Sophos AI to present on how to defang malicious AI models at Black Hat Europe - 23 December 2024
December Patch Tuesday arrives bearing 71 gifts - 23 December 2024
Network security best practices for the holidays - 23 December 2024
Sophos excels in the 2024 MITRE ATT&CK® Evaluations: Enterprise - 23 December 2024
Keeping it real: Sophos and the 2024 MITRE ATT&CK Evaluations: Enterprise - 23 December 2024
The Bite from Inside: The Sophos Active Adversary Report - 23 December 2024
DeepSpeed: a tuning tool for large language models - 23 December 2024
Sophos ranked #1 overall for Firewall, MDR, and EDR in the G2 Winter 2025 Reports - 23 December 2024
Year in Review 2024: The major headlines and moments from Sophos this year - 23 December 2024
Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces - 23 December 2024
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack - 23 December 2024
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation - 23 December 2024
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages - 23 December 2024
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware - 23 December 2024
Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations - 23 December 2024
Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service - 23 December 2024
Top 10 Cybersecurity Trends to Expect in 2025 - 23 December 2024
U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case - 23 December 2024
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips - 23 December 2024
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case - 23 December 2024
Another NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US - 23 December 2024
Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme - 23 December 2024
In Other News: McDonald’s API Hacking, Netflix Fine, Malware Kills ICS Process - 23 December 2024
Botnet of 190,000 BadBox-Infected Android Devices Discovered - 23 December 2024
Apple Complains Meta Requests Risk Privacy in Spat Over EU Efforts to Widen Access to iPhone Tech - 23 December 2024
LockBit Ransomware Developer Arrested in Israel at Request of US - 23 December 2024
Italy’s Privacy Watchdog Fines OpenAI for ChatGPT’s Violations in Collecting Users Personal Data - 23 December 2024
5.6 Million Impacted by Ransomware Attack on Healthcare Giant Ascension - 23 December 2024
Sophos Patches Critical Firewall Vulnerabilities - 23 December 2024
Beware Of Shadow AI – Shadow IT’s Less Well-Known Brother - 23 December 2024

Pages

Posts

News