News
  • "IBM Patches High-Severity Vulnerabilities in Cloud, Voice, Security Products"
    IBM recently announced patches for multiple high-severity vulnerabilities impacting products such as Netezza for Cloud Pak for Data, Voice Gateway, and SiteProtector.  Three vulnerabilities were resolved in IBM Netezza for Cloud Pak for Data, all of…
  • "Microsoft Publishes Office Symbols to Improve Bug Hunting"
    Microsoft Office has started publishing Office symbols for Windows to help bug hunters find and report security issues.  Microsoft noted that symbols are pieces of information used during debugging and are contained within Symbol files, which are…
  • "IBM Makes Open-Source Toolkit Available to Fight Software Supply Chain Attacks"
    In most cases, IBM's X-Force Red ethical hacking team has been able to gain access to Source Code Management (SCM) systems in an adversary simulation engagement. Access to SCM systems provides attackers with opportunities for software supply chain…
  • "Meta Stops Two Cyberespionage Activities in South Asia"
    Meta, Facebook's parent company, took action earlier this year against two cross-platform cyberespionage operations that relied on multiple websites for malware distribution. Bitter APT is the first hacking group that Meta shut down in the second quarter…
  • "Phishers Swim Around 2FA in Coinbase Account Heists"
    In a recently observed phishing campaign aimed at taking over Coinbase accounts and defrauding users of their cryptocurrency balances, threat actors are circumventing two-factor authentication (2FA) and employing other evasion tactics. Coinbase is a…
  • "deBridge Finance Crypto Platform Targeted by Lazarus Hackers"
    Hackers linked to the North Korean Lazarus group attempted to steal cryptocurrency from deBridge Finance, a cross-chain protocol that allows for the decentralized transfer of assets between blockchains. The threat actor tricked company employees into…
  • "Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions"
    Since January 2022, over a dozen military-industrial complex enterprises and public institutions in Afghanistan and Europe have been targeted to steal confidential data using six different backdoors. The attacks were attributed "with a high degree of…
  • "10 Malicious Code Packages Slither into PyPI Registry"
    Following notification from a security vendor, administrators of the Python Package Index (PyPI) removed ten malicious software code packages from the registry. The incident is the latest in a long line of recent instances in which threat actors…
  • "Open Redirect Flaws in American Express and Snapchat Exploited in Phishing Attacks"
    Security researchers at Inky have discovered that open redirect vulnerabilities affecting American Express and Snapchat websites were exploited earlier this year as part of phishing campaigns targeting Microsoft 365 users.  The researchers noted…
  • "Cyberattacks on Healthcare Organizations Negatively Impact Patient Care"
    Security researchers at Cynerio and the Ponemon Institute have recently studied the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices and found multiple alarming trends.  The researchers surveyed…
  • "7-Eleven Closes Stores in Denmark After Cyberattack"
    US convenience store chain 7-Eleven on Monday, August 8th, had to close its outlets in Denmark after a suspected cyberattack knocked out their cash tills.  In a statement, the company noted that all 175 7-Elevens in Denmark could not use the cash…
  • "Twilio Hacked After Employees Tricked Into Giving Up Login Credentials"
    Enterprise software vendor Twilio has recently been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.  The company did not provide details…