News
  • "Study Finds AI Assistants Help Developers Produce Code That's More Likely to Be Buggy"
    Stanford University computer scientists have discovered that programmers who accept assistance from Artificial Intelligence (AI) tools such as GitHub Copilot write less secure code than those who do not. In a paper titled, "Do Users Write More Insecure…
  • "BetMGM Confirms Breach as Hackers Offer to Sell Data of 1.5 Million Customers"
    MGM Resorts-owned online sports betting company BetMGM recently confirmed that it suffered a data breach the same day hackers offered to sell a database containing the information of 1.5 million BetMGM customers.  BetMGM said, “patron records were…
  • "Killnet Targeted US Healthcare Sector Organization"
    The US Department of Health and Human Services Cybersecurity Coordination Center (HC3) says that the pro-Russian threat actor group Killnet has tried to achieve its political goals by targeting American hospitals and healthcare groups. After Russia…
  • "Threat Predictions for 2023: From Hacktivism to Cyberwar"
    Trellix forecasts an increase in geopolitically motivated attacks across Asia and Europe in 2023, as well as hacktivism spurred by tensions between competing political parties and vulnerabilities in core software supply chains. In cybersecurity,…
  • "Google WordPress Plug-in Bug Allows AWS Metadata Theft"
    A Server-Side Request Forgery (SSRF) vulnerability in the Google Web Stories plugin for WordPress could be exploited to obtain Amazon Web Services (AWS) metadata from sites hosted on the AWS server. This metadata may contain sensitive data such as…
  • "Comcast Xfinity Accounts Hacked in Widespread 2FA Bypass Attacks"
    Customers of Comcast Xfinity have reported that their accounts have been compromised by widespread hacks that circumvent two-factor authentication (2FA). The hacked accounts are then used to reset the passwords of other services, including the Coinbase…
  • "LastPass: Customer Vault Data Was Taken"
    Password management giant LastPass has recently revealed that hackers who breached the firm in August made off with encrypted customer vault data and unencrypted account information.  The update comes after the firm initially said that the incident…
  • "New Exploit for Microsoft's ProxyNotShell Mitigation Side Steps Fix"
    CrowdStrike researchers found a new Play ransomware exploit method that can circumvent Microsoft's rewrite mitigations released in October. Microsoft's fixes were intended to protect against ProxyNotShell vulnerabilities. The researchers uncovered the…
  • "FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape"
    A comprehensive investigation of FIN7 has uncovered the cybercrime syndicate's organizational structure, as well as its position as an affiliate in the escalating ransomware attacks. It has also revealed deeper ties between the group and the greater…
  • "Zerobot IoT Botnet Adds More Exploits, DDoS Capabilities"
    The recently detailed Internet of Things (IoT) botnet Zerobot has been updated with an expanded list of exploits and distributed denial-of-service (DDoS) capabilities.  Zerobot was initially detailed two weeks ago.  Zerobot is a self-…
  • "Some Universities Are Now Restricting TikTok Access on Campus"
    A small but growing number of universities are now blocking access to TikTok on school-owned devices or WiFi networks, in the latest sign of a widening crackdown on the popular short-form video app.  The University of Oklahoma and Auburn University…
  • "Okta Source Code Stolen by Hackers"
    Identity and access management solutions provider Okta recently informed customers that some of the company’s source code was stolen from its GitHub repositories.  Okta was informed about the breach in early December by GitHub.  An…