There are nearly 900 vulnerabilities in the Known Exploited Vulnerabilities (KEV) catalog maintained by the US Cybersecurity and Infrastructure Security Agency (CISA).  According to researchers at VulnCheck, of the 900 vulnerabilities, 557 CVEs were…

Notorious carding marketplace BidenCash recently released information on more than 2.1 million credit and debit cards.  Carding marketplaces also referred to as card shops, are cybercrime websites that facilitate the trading and unauthorized use of…

In a series of attacks across Mexico, cybercriminals have been withdrawing cash on demand through the use of FiXS, an advanced ATM malware. According to a report released by researchers at Metabase Q, the attacks employ similar methods as earlier ATM…

The online counseling service BetterHelp has recently agreed to return $7.8 million to customers to settle with the Federal Trade Commission for sharing health data it had promised to keep private, including information about mental health challenges…

German industrial automation solutions provider Wago has recently released patches for several of its programmable logic controllers (PLCs) to address four vulnerabilities, including ones that can be exploited to take full control of the targeted device…

Hatch Bank, a Financial Technology (FinTech) banking platform, revealed that it faced a data breach caused by the attack on the Fortra GoAnywhere MFT file-sharing platform when the data of almost 140,000 customers was stolen. Hatch Bank discovered that…

Cyberattackers and security researchers have begun focusing on Electric Vehicle (EV) charging infrastructure security vulnerabilities. Researchers from the energy-network cybersecurity company Saiflow uncovered two vulnerabilities in the Open Charge…

The Play ransomware group is leaking data stolen from a recent cyberattack against the City of Oakland, California. The initial data leak consisted of a 10GB RAR archive with multiple parts that contained private documents, employee details, passports,…

On February 28, 2023, the German Regional Police, Ukrainian National Police, Europol, Dutch Police, and FBI joined forces to bring down the actors behind the criminal group known for launching attacks using the DoppelPaymer ransomware. In 2019,…

New research demonstrates that malicious actors can use "insufficient" forensic visibility into Google Cloud Platform (GCP) to exfiltrate sensitive data. The cloud incident response company Mitiga stated that GCP lacks the visibility in its storage logs…

Websites often offer visitors the option to opt out of data collection. However, according to a team of privacy researchers, opting out is not always effective, as visitor data collection can still occur. Europe's General Data Protection Regulation (GDPR…

Over 90 percent of the 650 financial apps hosted on the Google Play App Store contain data that can be extracted, such as Application Programming Interface (API) keys. Approov's Mobile Threat Lab reverse-engineered the code of financial service apps and…