A China-based hacking group has been linked to cyberattacks on dozens of Taiwanese organizations as part of a suspected espionage campaign. The Microsoft Threat Intelligence team tracks the activities under the name Flax Typhoon, also known as Ethereal…

Two vulnerabilities impacting Jupiter X Core, a premium plugin for configuring WordPress and WooCommerce websites, enable account hijacking and file uploading without authentication. Jupiter X Core is a simple but powerful visual editor, which is part of…

Cybersecurity insurance is a rapidly developing market, expected to rise from around $13 billion in 2022 to $84 billion in 2030. However, insurers have difficulty quantifying the possible risks of this type of insurance. Traditional actuary models do not…

Researchers have discovered a new strain of ransomware dating back to 2019. It targets individuals and small organizations, demanding small ransoms from each victim. Researchers from the security and operations analytics company Netenrich recently…

Malicious non-state actors are using Artificial Intelligence (AI) to amplify their malicious activities. Since the release of OpenAI's ChatGPT last year, there has been much discussion on the dark web about methods involving this technology. Dark web…

In the past month, a hacking group known as "KittenSec" claims to have attacked government and private sector computer systems in multiple NATO countries, arguing that it is exposing corruption. KittenSec is part of a line of groups hacking government…

Organizations are increasingly implementing biometrics to streamline and expedite authentication. However, Stuart Wells, CTO of the biometrics authentication company Jumio, identifies potential threats and methods fraudsters may use to circumvent facial…

Vulncheck researchers found over 3,000 Openfire servers vulnerable to attacks due to a path traversal flaw, tracked as CVE-2023-32315. Openfire is a widely used Java-based open-source chat server maintained by Ignite Realtime. The vulnerability impacts…

The University of Minnesota has recently confirmed that a threat actor has exfiltrated data from its systems but says no malware infection was identified.  The confirmation comes one month after a threat actor boasted about accessing the university’…

Four quantum-resistant algorithms were chosen by the National Institute of Standards and Technology (NIST) last year. The agency has now begun the process of standardizing these algorithms, which is the last step before making these mathematical tools…

Data from 2.6 million users of Duolingo, a language learning platform with over 74 million monthly users, was leaked on a hacking forum.  The compromised data, which includes real names, login names, email addresses, and internal service-related…

The FBI has advised Barracuda customers who are still using the vendor's vulnerable Email Security Gateway (ESG) to remove the appliance from operation. Many of the appliances were hit in a zero-day attack discovered in May. The attack was attributed to…