Carnegie Mellon University's (CMU) picoCTF has introduced students of all ages to the field of cybersecurity through its annual Capture-the-Flag competition and year-round educational platform for more than a decade. Recent outreach efforts by picoCTF…

According to the cybersecurity company Guardz, a new information-stealing program is available on the dark web. The ShadowVault program is a malicious entity that can be hired for $500 per month. The program can extract passwords, credit card information…

Organized criminal groups exploited a vulnerability in Revolut's payment systems and stole more than $20 million, according to the Financial Times, which cited sources knowledgeable about the situation. Over 30 million customers worldwide are served by…

Researchers observed a new campaign that they linked to the Charming Kitten Advanced Persistent Threat (APT) group in which hackers used new macOS-targeting NokNok malware. The campaign began in May and uses a different infection chain than previously…

The threat actors responsible for the RomCom Remote Access Trojan (RAT) are suspected of launching phishing attacks against the NATO summit in Vilnius and a known organization supporting Ukraine abroad. The BlackBerry Threat Research and Intelligence…

A sophisticated and evasive malware campaign targets businesses in Latin America with a multi-stage attack that begins with phishing and culminates with deploying a novel Trojan dubbed Toitoin that captures sensitive system information and data from…

Gaming gear company Razer has recently reacted to rumors of a massive data breach with a short statement on Twitter, letting users know that they started investigating the matter.  Razer is a popular American-Singaporean tech firm focusing on gaming…

More than 750,000 people may have had their social security numbers stolen in a data breach at Lansing Community College (LCC) in late 2022 and early 2023.  The community college notified "757,832 employees, students, and vendors that their personal…

According to new research by Object First, 40% of consumers harbor skepticism regarding organizations’ data protection capabilities, and 75% would shift to alternate companies following a ransomware attack.  The company noted that consumers are…

According to the international law firm RPC, incidents of online extortion reported to the police increased by nearly two-fifths in 2022 compared to a year previously.  The new study revealed 3200 reports of cyber extortion last year, including…

Confidential information, including unreleased TV shows, scripts, and materials, belonging to the popular children’s television channel Nickelodeon have recently been reportedly compromised in a significant data leak.  According to social media…

Another critical SQL injection vulnerability has recently been disclosed and patched in Progress Software's MOVEit Transfer software, the fourth such flaw revealed in the space of a month.  The security bug (CVE-2023-36934) is distinct from the…