Researchers have discovered what they describe as a critical vulnerability in the open-source Content Management System (CMS) PHPFusion, which is widely used. The vulnerability, tracked as CVE-2023-2453, is an authenticated local file inclusion flaw that…

A threat actor known as W3LL developed a phishing kit to circumvent multi-factor authentication (MFA) and other tools. Over 8,000 Microsoft 365 corporate accounts have been compromised by the phishing kit. In ten months, security researchers discovered…

The Iranian threat actor APT34 has been linked to a new phishing attack that deploys a variant of the SideTwist backdoor. According to NSFOCUS Security Labs, APT34 has a high level of attack technology, the ability to design different intrusion methods…

A new study reveals that most major car makers acknowledge they may be selling users' personal information. However, they are vague about the buyers. Half of them would share such information with the government or law enforcement without a court order.…

Hackers have recently stolen over $40m in cryptocurrency from Curaçao-headquartered Stake[.]com, which offers casino and sports betting for players using cryptocurrency.  The firm noted that on Monday, it had spotted unauthorized transactions being…

Encryption is the most common method for protecting information. Information is encrypted using a Random Number Generator (RNG), which can be a computer program or the hardware itself. The RNG provides the keys to encrypt and unlock information at the…

Due to flaws in the process that enables email forwarding, it is easier than previously believed to send an email with a forged address, according to a research team led by computer scientists from the University of California San Diego. The issues…

Dr. Yongfeng (Felix) Ge of Victoria University will develop an evolutionary computation-based framework to optimize privacy and utility issues associated with data storage and publishing. Recent large-scale data breaches in Australia, which resulted in…

Researchers are establishing a cybersecurity research and development facility to harden offshore wind technology against cyberattacks. The Cyber-Resilience of Offshore Wind Networks (CROWN) project will establish the lab space at the University of…

NoName057(16), a Russian hacker group, conducts Distributed Denial-of-Service (DDoS) attacks against European financial institutions, government websites, and transportation services. The group recently claimed responsibility for disrupting the websites…

According to researchers at Resecurity, a threat group that specializes in impersonating postal agencies and mail delivery companies has launched an SMS phishing (smishing) campaign against iPhone users in the US. The group develops fake but convincing…

According to security researchers at Group-IB, cyber fraudsters have been observed increasingly exploiting vulnerabilities in air miles and customer service systems across the EU, the UK, and the US.  The researchers noted that in 2022 alone, cases…