Malicious open-source Python .whl (Wheel) files were distributing a new malware called KEKW, which can steal sensitive data from infected systems by combining clipper activities with infostealers to take over cryptocurrency transactions. Cyble Research…

NodeStealer is a new malware that steals information and is distributed on Meta. It can steal browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The malware was first discovered targeting Windows browsers in…

OpenAI offered free credits to users interested in trying its open Artificial Intelligence (AI) projects. However, Checkmarx discovered a vulnerability that allowed users to abuse the trial and get unlimited credit on new accounts. The researchers were…

Two well-known hacking groups have claimed responsibility for recent attacks on religious organizations, which is a departure from their usual focus on businesses and government agencies. The infamous LockBit ransomware group has added Relentless Church…

Pediatric mental health provider Brightline has recently warned patients that it suffered a data breach on January 30, impacting 783,606 people.  Brightline said the breach was related to a zero-day vulnerability in its Fortra GoAnywhere MFT secure…

Cisco recently raised the alarm on a critical remote code execution (RCE) vulnerability impacting SPA112 2-Port phone adapters, which have reached end-of-life (EoL) status.  Tracked as CVE-2023-20126 (CVSS score of 9.8), the flaw impacts the web-…

Apple has recently released the first-ever security updates for its Beats and AirPods products to patch a vulnerability that can be exploited to gain access to headphones through a Bluetooth attack.  The flaw is tracked as CVE-2023-27964, and it was…

The Institute for Agent-based Cyber Threat Intelligence and Operation (ACTION), funded by the National Science Foundation (NSF), is composed of the top US computer scientists and engineers. It combines the continuous learning and reasoning of Artificial…

Researchers from the Oregon State University (OSU) College of Engineering have demonstrated that hackers can destabilize a power transmission grid by manipulating smart meters to cause an oscillation in electricity demand. A smart meter is a digital…

A newly published paper by security researchers at the Technical University of Berlin reveals that AMD's firmware-based Trusted Platform Module (fTPM/TPM) can be fully compromised using a voltage fault injection attack, allowing full access to the…

The US government recently claimed it had dismantled another popular cybercrime service after unsealing a four-count indictment against its alleged Russian operator.  Try2Check played a vital role in the online fraud supply chain by enabling…

Meta, the parent company of Facebook, announced that it thwarted the activities of three Advanced Persistent Threat (APT) groups in South Asia engaged in cyber espionage and six adversarial groups from different global regions involved in "inauthentic…