Researchers at ETH Zurich found a number of critical security vulnerabilities in the MEGA cloud storage service that could allow malicious actors to break the confidentiality and integrity of user data. The researchers explain how MEGA's system does not…

Google recently released Chrome 103 to the stable channel with patches for 14 vulnerabilities, including nine reported by external researchers.  The most severe vulnerability is CVE-2022-2156, which is described as a critical-severity use-after-free…

A Chinese hacking group has been observed using a low-tech but effective method to steal money from Web3 wallets, which involves distributing altered versions with holes programmed into them. The hackers cloned legitimate wallet distribution sites,…

The city of Amagasaki in western Japan recently discovered that it had lost a USB flash drive containing the personal information of its roughly 460,000 residents.  The lost data included the residents' names, addresses, and dates of birth, as well…

In an effort to conceal their genuine espionage activities, a group of cyberattackers with probable state support adopted a new loader to disseminate five different types of ransomware. Secureworks' cybersecurity experts released new research on HUI…

A Parse Server software flaw has led to the discovery of an authentication bypass affecting Apple Game Center. The open-source Parse Server project, which is available on GitHub, offers push notification functionality for iOS, macOS, Android, and tvOS.…

Recently a US subsidiary of Nichirin, a Japanese company that makes hoses for the automotive industry, was hit by ransomware.  The attack was aimed at Nirchirin-Flex USA and was discovered on June 14th.  Other Nichirin subsidiaries do not…

In collaboration with the University of Tokyo, researchers from Kyushu University's Institute for Materials Chemistry and Engineering have developed an olfactory sensor for biometric authentication using breath. The artificial 'nose' they developed can…

An international team of researchers has created a scanning tool to reduce the vulnerability of websites to hacking and cyberattacks. The black box security assessment prototype, which was tested by engineers in Australia, Pakistan, and the UAE,…

Researchers at Check Point have discovered a new campaign associated with the Chinese "Tropic Trooper" hacking group, which employs a novel loader known as Nimbda and a new variant of the Yahoyah Trojan. The Trojan is included in a greyware tool called '…

The number of email-borne cyber threats blocked by Trend Micro surged by triple digits last year, highlighting the continued risk from conventional attack vectors.  Trend Micro stopped over 33.6 million such threats reaching customers via cloud-…

Security researchers at the Linux Foundation have discovered that over two-fifths (41%) of organizations do not have confidence in their open source security, with only 49% claiming to even have a policy.  The study was co-sponsored by Snyk, and…