The cloud-based repository hosting service, GitHub, has disclosed that an unknown adversary used stolen OAuth user credentials to extract sensitive data from various organizations. GitHub’s Mike Hanley revealed the abuse of stolen OAuth user tokens…

During a new study by Check Point Research, the cybersecurity vendor found that LinkedIn has become by far the most impersonated brand for phishing attacks.  The researchers revealed that phishing attacks impersonating the professional social…

According to an advisory recently published by the cloud-protection firm Aqua Security, attackers are scanning for data-science applications such as Jupyter Notebook and JupyterLab, along with cloud servers and containers for misconfigurations. Aqua…

The new information-stealing malware that Cisco Talos researchers identified last month, which they have dubbed ZingoStealer, is now being shared on Telegram by a collective of cybercriminals called Haskers Gang. They have been targeting Russian speakers…

The Federal Bureau of Investigation (FBI) warns of a new phishing scheme aimed at tricking victims into making money transfers to accounts controlled by cybercriminals.  During the attacks, the adversaries target users of digital payment…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has published a guide on the type of cyber incidents that critical infrastructure entities should be sharing with the government and how they should be sharing…

NATO's large, annual cyber wargames, known as the Locked Shields exercise, will bring together technical experts from alliance countries and Ukraine on Tuesday.  The North Atlantic Treaty Organization's Cooperative Cyber Defense Centre of Excellence…

A team of researchers at Texas A&M University has designed new easy-to-use methods to counter vulnerabilities contained by push notification-based two-factor authentication (2FA) systems. Many online services have implemented push notification-based…

Researchers at Symantec have detected signs of North Korea's Lazarus Advanced Persistent Threat (APT) group targeting the chemical sector. The Lazarus group's latest attacks against the chemical sector and IT companies in South Korea indicate the…

The likelihood of accidental or deliberate misuse of biological research increases as biotechnology increases. At the same time, public sharing of research data and protocols, and other open science practices, have become more widespread. James Smith and…

The MetroHealth System in Cleaveland, Ohio, recently discovered that it had been the victim of a data breach involving 1700 of its patients.  In a recent statement, MetroHealth announced that on November 13, while the health system’s electronic…

The developer of a popular WordPress plugin has updated its product to fix a critical vulnerability that could be exploited to change the appearance of websites.  Elementor is marketed as a leading website building platform for WordPress, enabling…