News
  • "DC Healthcare Exchange Breach Leaked Sensitive Data of Congress Members, Staff"
    Congress was notified about a data breach involving the DC Health Link healthcare exchange platform, which exposed personal information belonging to members and staff of the legislative body. According to a letter from Catherine Szpindor, the chief…
  • "Fake ChatGPT Chrome Extension Pilfers Facebook Accounts"
    Researchers at the cybersecurity firm Guardio discovered that a malicious browser extension called "Quick access to Chat GPT" tries to hijack Facebook accounts and distribute itself in a "worm-like" fashion. Additionally, the extension collects browser…
  • "Fifth of Government Workers Don't Care if Employer is Hacked"
    Security researchers at Ivanti have discovered that a culture of unaccountability, poor cyber hygiene, and limited staff training are creating a perfect storm of cyber risk for governments worldwide, with many workers unbothered about the prospect of a…
  • "Massive GitHub Analysis Reveals 10 Million Secrets in 1 Billion Commits"
    GitGuardian scanned 1.02 billion new GitHub commits in 2022, a 20 percent increase from 2021, and discovered 10 million instances of secrets, a 67 percent increase. There is a misconception that junior developers are mostly responsible for hard-coded…
  • "Bitwarden Flaw Can Let Hackers Steal Passwords Using iframes"
    Bitwarden is a popular open-source password management solution with a web browser extension that stores account usernames and passwords in an encrypted vault. Bitwarden's auto-fill functionality for credentials exhibits a risky behavior that could allow…
  • "New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic"
    The cryptocurrency mining group called 8220 Gang has been using a new crypter called ScrubCrypt in cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain begins with successfully exploiting vulnerable Oracle WebLogic servers to…
  • "AI-Powered 'BlackMamba' Keylogging Attack Evades Modern EDR Security"
    A proof-of-concept (POC), Artificial Intelligence (AI)-powered cyberattack that can quickly change its code is capable of evading the latest automated security-detection technologies, indicating the potential for developing undetectable malware.…
  • "Detection Stays One Step Ahead of Deepfakes—for Now" 
    Intel introduced its Real-Time Deepfake Detector video analysis technology in November 2022. "Deepfake" stems from the use of deep learning, a subfield of Artificial Intelligence (AI) involving multilayered Artificial Neural Networks (ANNs), to generate…
  • "Computer Science Researchers Lead the Defense against the Dark Side of Tech"
    There is a dark side to Machine Learning (ML) and Natural Language Processing (NLP) advancements, as they eliminate the need for malicious actors to employ human workers to duplicate and distribute false or malicious content. According to Virginia Tech…
  • "Hacking Group Defaces Faroe Islands Tourist Website, but Kept Out of Government Systems"
    The tourist website for the Faroe Islands, a self-governing part of the Kingdom of Denmark, was vandalized by a hacker group that claimed to have stolen employee data and other sensitive information. The archipelago of 18 islands has a population of 54,…
  • "Chrome 111 Patches 40 Vulnerabilities"
    Google recently announced the release of Chrome 111 to the stable channel with patches for 40 vulnerabilities. A total of 24 of the addressed security defects were reported by external researchers. These include eight high-severity flaws, 11…
  • "SYS01 Stealer Targets Critical Government Infrastructure"
    Researchers from Morphisec found a sophisticated information stealer, called SYS01 stealer, that has been used in attacks on employees of critical government infrastructure, manufacturing companies, and other sectors since November 2022. The campaign…