Restaurant customer management platform SevenRooms has recently confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum.  SevenRooms is a restaurant customer relationship management (CRM) platform used…

The City of Whitehall was the victim of a ransomware attack earlier this year that has potentially exposed the personal information of about 37,000 people, including city employees and members of the public.  Recently the city announced that it had…

According to Mitiga research, the cloud storage provider Amazon Web Services (AWS) has a vulnerability that could allow threat actors with pre-existing account control to exploit Internet Protocol (IP) addresses to gain access to other systems. The flaw…

DraftKings, a Nasdaq-listed sports betting company, revealed that the personal information of almost 68,000 clients was exposed in a credential stuffing attack in November. A credential stuffing attack is a cyberattack in which an attacker leverages…

Emory Healthcare is a healthcare system in the US state of Georgia, which has disclosed a data breach that potentially compromised the Protected Health Information (PHI) of over 1,000 people. Through a notice issued by the US Department of Labor (DOL),…

According to a recent report by vpnMentor, the education publishing company McGraw Hill faced a data breach that may have revealed the email addresses and grades of hundreds of thousands of students. The Internet privacy organization stated that its…

Microsoft has issued a warning that some Windows 10 users may experience the Blue Screen of Death (BSOD) after installing its latest "Patch Tuesday" security updates. The company disclosed that the blue screen issue could affect some users who downloaded…

Microsoft recently shared details on CVE-2022-42821, a Gatekeeper bypass vulnerability that Apple recently addressed in macOS Ventura, Monterey, and Big Sur.   The vulnerability was identified in July 2022, and the security defect is described as a…

According to researchers at Flashpoint, a recently identified information stealer named "RisePro" is being distributed by pay-per-install malware downloader service "PrivateLoader."  RisePro is written in C++ and harvests potentially sensitive…

The Ukrainian military agency that recently debuted a battlefield situational awareness technology alerted the Ukrainian Computer Emergency Response Team (CERT-UA) about a phishing campaign in which the operators seek to steal files and Internet browser…

Researchers at Cyble Research and Intelligence Labs have identified two phishing sites, one masquerading as a Cisco webpage and the other as a Grammarly site, which threat actors are using to deliver a severe piece of malware known as "DarkTortilla." The…

Comcast reports a 14 percent increase in the percentage of Americans reporting unsafe online practices that expose them to cyber threats, such as reusing or sharing passwords, ignoring software updates, and more, during the past two years. Comcast's EVP…