Thumb
12 Dec

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks.

Thumb
11 Dec

Global Ongoing Phishing Campaign Targets Employees Across 12 Industries

A sophisticated phishing campaign is targeting employees of 30+ companies across 12 industries worldwide.Over 200 malicious links have been distributed, designed to steal user login credentials.

Thumb
4 Dec

Hackers Exploit Docker Remote API Servers To Inject Gafgyt Malware

The Gafgyt malware (often referred to as Bashlite or Lizkebab) has expanded its attack scope by targeting publicly exposed Docker Remote API servers.

Thumb
3 Dec

NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise

Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems.

Thumb
27 Nov

Salt Typhoon Builds Out Malware Arsenal With GhostSpider

The Chinese threat actor known as Salt Typhoon has been spying on some high-value government and telecommunications organizations for several years now, recently debuting fresh backdoor malware, dubbed GhostSpider.

Thumb
25 Nov

Salt Typhoon Builds Out Malware Arsenal With GhostSpider

CyberVolk/GLORIAMIST is a hacktivist collective originating in India with pro-Russia leanings. Between June and October 2024, CyberVolk claimed responsibility for multiple ransomware attacks.

Thumb
20 Nov

Australia critical infrastructure faces cyber threats, report says

SYDNEY, Nov 20 (Reuters) - Australia said it was concerned that one in ten cybersecurity incidents last year involved critical infrastructure, with state-sponsored actors targeting the country's government, infrastructure and businesses using evolving tradecraft.

Thumb
18 Nov

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.

Thumb
14 Nov

5 BCDR Oversights That Leave You Exposed to Ransomware

Ransomware isn't just a buzzword; it's one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging.

Thumb
7 Nov

500,000 people impacted by ransomware attack on Columbus, Ohio

The City of Columbus, Ohio, has notified 500,000 individuals that a ransomware attack in July 2024 stole their personal information. In incident caused he city to take systems offline to contain the attack, impacting a range of services.

Thumb
17 Aug

How the ransomware attack at Change Healthcare went down: A timeline

A ransomware attack earlier this year on UnitedHealth-owned health tech company Change Healthcare likely stands as one of the largest data breaches of U.S. health and medical data in history.

Thumb
31 May

Hugging Face says it detected ‘unauthorized access’ to its AI model hosting platform

AI startup Hugging Face reported that its security team identified “unauthorized access” to Spaces, its platform for sharing AI models, during a period typically reserved for sensitive disclosures.

Thumb
25 Feb

European cyber insurance startup Stoïk secures $27M

Cyber risk has become an increasingly important issue for small companies around the world. While many companies try to avoid and mitigate cyber risks, they rarely discuss transferring those risks to a third party.

Thumb
14 Feb

UK utility giant Southern Water says hackers stole personal data of hundreds of thousands of customers

Southern Water, which provides water and wastewater services to millions of people across the South East of England, that it plans to notify “5 to 10 percent” of its customer base that they had personal information stolen by hackers

Thumb
17 Sept

The cybersecurity labor gap now stands at 4M+ open jobs — Intezer has raised $33M for AI tools to plug it

Cybersecurity has one of the biggest and most urgent talent shortages in the tech industry. Malicious attacks are on the rise, and the techniques being used to worm into networks are growing ever more sophisticated.

Thumb
24 May

US pharma giant Cencora says Americans’ health information stolen in data breach

U.S. pharmaceutical giant Cencora says it is notifying affected individuals that their personal and highly sensitive medical information was stolen during a cyberattack and data breach earlier this year.