News
  • "Attackers Create 130K Fake Accounts to Abuse Limited-Time Cloud Computing Resources"
    An attacker group is conducting a malicious cryptocurrency mining operation using the free or trial-based cloud computing resources and platforms provided by GitHub, Heroku, and Togglebox. The operation involves the creation of tens of thousands of fake…
  • "Fortinet Fixes Serious Flaw in FortiADC"
    Fortinet has issued patches for a critical flaw in multiple versions of its popular FortiADC application delivery controller, which might allow an attacker to execute arbitrary code. The vulnerability, tracked as CVE-2022-39947, is an OS command…
  • "Defensive vs. Offensive AI: Why Security Teams Are Losing the AI War"
    The weaponization of Artificial Intelligence (AI) against organizations with insufficient AI and Machine Learning (ML) experience gives bad actors an advantage in the AI cyberwar. Threat actors have a significant advantage over most organizations because…
  • "Cricket-Oriented Platform 'Drops a Dolly' Exposing User Data"
    Researchers at Cybernews discovered a database containing a massive amount of data left exposed by a social platform for the cricket community. Emails, phone numbers, names, hashed user passwords, dates of birth, and addresses are all stored in the open…
  • Pub Crawl #69
    Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.
  • "Cryptocurrency Hacks Shot up in 2022, Amounting to Almost $4 billion in Losses"
    According to security researchers at Immunefi, losses of cryptocurrency assets due to hacks rose to $3.7 billion last year, a 58 percent increase over the $2.3 billion that cybercriminals stole from investors and exchanges in 2021. The researchers…
  • "Zoho Urges Admins to Patch Critical ManageEngine Bug Immediately"
    Business software provider Zoho is urging customers to patch a critical security flaw affecting multiple ManageEngine products. The bug, tracked as CVE-2022-47523, is an SQL injection vulnerability found in the company's Password Manager Pro secure…
  • "Chinese Researchers Claim to Have Broken RSA With a Quantum Computer. Experts Aren't So Sure."
    Researchers in China say they have made a quantum computing breakthrough, finding out how to breach the Rivest–Shamir–Adleman (RSA) public-key encryption system using a quantum computer with the amount of power that will soon be publicly available.…
  • "Qualcomm, Lenovo Flag Multiple High Impact Firmware Vulnerabilities"
    Qualcomm has disclosed nearly two dozen security flaws in its chipsets, including the company's flagship Snapdragon processor chips, which impact products ranging from cars to powerline communications. Two flaws in automotive and one bug in powerline…
  • "CircleCI Warns Customers to Rotate 'Any and All Secrets' After Hack"
    Following a breach of CircleCI's servers, the company has recommended customers rotate their secrets. CircleCI is a San Francisco-based DevOps company whose development solutions are popular among software developers. According to a statement made by the…
  • "Slack Says Hackers Stole Private Source Code Repositories"
    Enterprise communication and collaboration platform Slack has recently informed customers that hackers have stolen some of its private source code repositories, but claims impact is limited. Slack disclosed the incident on December 31. Slack…
  • "Burger Chain Five Guys Discloses Data Breach Impacting Job Applicants"
    US burger chain Five Guys has recently disclosed a data breach impacting job applicants, and the company may be facing a lawsuit over the cybersecurity incident. Five Guys started informing employees on December 29, when it also notified state…