News
-
"South Korean Spies Exploit WPS Office Zero-Day"ESET discovered a cyber espionage campaign, traced to the Seoul-aligned APT-C-60 group, that exploited a novel Remote Code Execution (RCE) vulnerability in WPS Office for Windows to launch a custom backdoor.
-
"Malware Delivered via Malicious Pidgin Plugin, Signal Fork"Threat actors have been delivering malware to users of instant messaging apps. They have used a malicious Pidgin plugin and an unofficial fork of the Signal app.
-
"DICK’s Shuts Down Email, Locks Employee Accounts After Cyberattack"DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, recently announced that confidential information was exposed in a cyberattack detected last Wednesday.
-
"Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites"According to security researchers at Defiant, a critical vulnerability in the WPML multilingual plugin for WordPress could expose over one million websites to remote code execution (RCE).
-
"950,000 Impacted by Young Consulting Data Breach"Software solutions provider Young Consulting recently notified over 950,000 individuals that their personal information was compromised in a data breach earlier this year.
-
"US Offering $2.5 Million Reward for Belarusian Malware Distributor"The US Department of State recently announced a $2.5 million reward for information leading to the arrest of a Belarusian national allegedly involved in the mass distribution of malware.
-
"How We're Using 'Chaos Engineering' to Make Cloud Computing Less Vulnerable to Cyberattacks"In a study titled "Towards Antifragility of Cloud Systems: An Adaptive Chaos Driven Framework," researchers used different strategies to show how stress can bolster the security of cloud computing systems.
-
"China's Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs"Lumen Technologies found the Chinese Advanced Persistent Threat (APT) group "Volt Typhoon" exploiting a new zero-day in Versa Director servers to steal credentials and break into downstream customers' networks.
-
"macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users"An Apple macOS version of a backdoor named "HZ RAT" targets users of Chinese instant messaging apps such as DingTalk and WeChat.
-
"Park’N Fly Notifies 1 Million Customers of Data Breach"Park'N Fly recently announced that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network.
-
"Microsoft 365 Copilot Vulnerability Exposes User Data Risks"Cybersecurity researcher Johann Rehberger has disclosed a vulnerability he found in Microsoft 365 Copilot that allows attackers to steal users' sensitive information.