What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2025-02-18 07:35:35 | Lee Enterprises newspaper disruptions caused by ransomware attack (lien direct) | Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group\'s operations for over two weeks. [...]
Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group\'s operations for over two weeks. [...] |
Ransomware | ★★★ | |
|
2025-02-17 11:04:51 | Microsoft spots XCSSET macOS malware variant used for crypto theft (lien direct) | A new variant of the XCSSET macOS modular malware has emerged in attacks that target users\' sensitive information, including digital wallets and data from the legitimate Notes app. [...]
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users\' sensitive information, including digital wallets and data from the legitimate Notes app. [...] |
Malware | ★★ | |
|
2025-02-16 10:15:30 | New FinalDraft malware abuses Outlook mail service for stealthy comms (lien direct) | A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. [...]
A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. [...] |
Malware | ★★ | |
|
2025-02-14 12:32:32 | PirateFi game on Steam caught installing password-stealing malware (lien direct) | A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]
A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...] |
Malware | ★★★ | |
|
2025-02-14 09:15:47 | PostgreSQL flaw exploited as zero-day in BeyondTrust breach (lien direct) | Rapid7\'s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...]
Rapid7\'s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...] |
Vulnerability Threat | ★★ | |
|
2025-02-14 07:56:41 | Chinese hackers breach more US telecoms via unpatched Cisco routers (lien direct) | China\'s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. [...]
China\'s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. [...] |
★★★ | ||
|
2025-02-13 18:35:26 | whoAMI attacks give hackers code execution on Amazon EC2 instances (lien direct) | Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. [...]
Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. [...] |
★★★ | ||
|
2025-02-13 12:39:36 | Hacker leaks account data of 12 million Zacks Investment users (lien direct) | Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. [...]
Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. [...] |
Data Breach | ★★★ | |
|
2025-02-13 09:31:54 | Chinese espionage tools deployed in RA World ransomware attack (lien direct) | A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to espionage actors. [...]
A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to espionage actors. [...] |
Ransomware Tool Threat | ★★ | |
|
2025-02-12 18:08:09 | zkLend loses $9.5M in crypto heist, asks hacker to return 90% (lien direct) | Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. [...]
Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. [...] |
Threat | ★★★ | |
|
2025-02-12 14:24:28 | Sarcoma ransomware claims breach at giant PCB maker Unimicron (lien direct) | A relatively new ransomware operation named \'Sarcoma\' has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. [...]
A relatively new ransomware operation named \'Sarcoma\' has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. [...] |
Ransomware | ★★★ | |
|
2025-02-12 06:00:00 | Google fixes flaw that could unmask YouTube users\\' email addresses (lien direct) | Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. [...]
Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. [...] |
Vulnerability | ★★★ | |
|
2025-02-11 14:32:57 | Windows 10 KB5051974 update force installs new Microsoft Outlook app (lien direct) | Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and fixes a memory leak bug. [...]
Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and fixes a memory leak bug. [...] |
★★★ | ||
|
2025-02-11 13:56:13 | Fortinet warns of new zero-day exploited to hijack firewalls (lien direct) | Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...]
Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...] |
Vulnerability Threat | ★★★ | |
|
2025-02-11 09:24:43 | US sanctions LockBit ransomware\\'s bulletproof hosting provider (lien direct) | The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. [...]
The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. [...] |
Ransomware | ★★ | |
|
2025-02-10 13:46:43 | Hacker pleads guilty to SIM swap attack on US SEC X account (lien direct) | Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. [...]
Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. [...] |
★★★ | ||
|
2025-02-10 10:00:34 | Microsoft raises rewards for Copilot AI bug bounty program (lien direct) | Microsoft announced over the weekend that it has expanded its Microsoft Copilot (AI) bug bounty program and increased payouts for moderate severity vulnerabilities. [...]
Microsoft announced over the weekend that it has expanded its Microsoft Copilot (AI) bug bounty program and increased payouts for moderate severity vulnerabilities. [...] |
Vulnerability | ★★★ | |
|
2025-02-08 10:15:25 | Massive brute force attack uses 2.8 million IPs to target VPN devices (lien direct) | A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for a wide range of networking devices, including those from Palo Alto Networks, Ivanti, and SonicWall. [...]
A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for a wide range of networking devices, including those from Palo Alto Networks, Ivanti, and SonicWall. [...] |
★★★ | ||
|
2025-02-07 14:21:16 | HPE notifies employees of data breach after Russian Office 365 hack (lien direct) | Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company\'s Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. [...]
Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company\'s Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. [...] |
Data Breach Hack | ★★★ | |
|
2025-02-07 13:42:44 | Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (lien direct) | Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. [...]
Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. [...] |
Vulnerability Threat | ★★★ | |
|
2025-02-07 11:44:32 | US health system notifies 882,000 patients of August 2023 breach (lien direct) | Hospital Sisters Health System notified over 882,000 patients that an August 2023 cyberattack led to a data breach that exposed their personal and health information. [...]
Hospital Sisters Health System notified over 882,000 patients that an August 2023 cyberattack led to a data breach that exposed their personal and health information. [...] |
Data Breach | ★★ | |
|
2025-02-06 15:59:41 | Microsoft says attackers use exposed ASP.NET keys to deploy malware (lien direct) | Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. [...]
Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. [...] |
Malware | ★★★ | |
|
2025-02-06 12:50:54 | Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (lien direct) | Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...]
Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...] |
Ransomware Malware Threat | ★★ | |
|
2025-02-06 11:09:19 | DDoS attacks reportedly behind DayZ and Arma network outages (lien direct) | An ongoing distributed denial of service (DDoS) attack targets Bohemia Interactive\'s infrastructure, preventing players of DayZ and Arma Reforger from playing the games online. [...]
An ongoing distributed denial of service (DDoS) attack targets Bohemia Interactive\'s infrastructure, preventing players of DayZ and Arma Reforger from playing the games online. [...] |
★★ | ||
|
2025-02-06 09:36:11 | British engineering firm IMI discloses breach, shares no details (lien direct) | British-based engineering firm IMI plc has disclosed a security breach after unknown attackers hacked into the company\'s systems. [...]
British-based engineering firm IMI plc has disclosed a security breach after unknown attackers hacked into the company\'s systems. [...] |
★★ | ||
|
2025-02-05 18:16:04 | New Microsoft script updates Windows media with bootkit malware fixes (lien direct) | Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...]
Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...] |
Malware | ★★★ | |
|
2025-02-04 15:16:19 | Crypto-stealing apps found in Apple App Store for the first time (lien direct) | A new campaign dubbed \'SparkCat\' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]
A new campaign dubbed \'SparkCat\' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...] |
Mobile | ★★★★ | |
|
2025-02-04 13:24:20 | Cyber agencies share security guidance for network edge devices (lien direct) | Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. [...]
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. [...] |
★★★ | ||
|
2025-02-04 12:39:40 | Chinese cyberspies use new SSH backdoor in network device hacks (lien direct) | A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...]
A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...] |
Malware | ★★★ | |
|
2025-02-04 10:01:11 | How hackers target your Active Directory with breached VPN passwords (lien direct) | As the gateways to corporate networks, VPNs are an attractive target for attackers. Learn from Specops Software about how hackers use compromised VPN passwords and how you can protect your organization. [...]
As the gateways to corporate networks, VPNs are an attractive target for attackers. Learn from Specops Software about how hackers use compromised VPN passwords and how you can protect your organization. [...] |
★★★ | ||
|
2025-02-04 04:24:46 | GrubHub data breach impacts customers, drivers, and merchants (lien direct) | Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its systems using a service provider account. [...]
Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its systems using a service provider account. [...] |
Data Breach | ★★★ | |
|
2025-02-03 15:10:22 | Google fixes Android kernel zero-day exploited in attacks (lien direct) | The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. [...]
The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. [...] |
Vulnerability Threat Mobile | ★★ | |
|
2025-02-03 11:33:23 | DeepSeek AI tools impersonated by infostealer malware on PyPI (lien direct) | Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. [...]
Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. [...] |
Malware Tool Threat | ★★★ | |
|
2025-01-31 11:02:22 | Indian tech giant Tata Technologies hit by ransomware attack (lien direct) | Tata Technologies Ltd. had to suspend some of its IT services following a ransomware attack that impacted the company network. [...]
Tata Technologies Ltd. had to suspend some of its IT services following a ransomware attack that impacted the company network. [...] |
Ransomware | ★★★ | |
|
2025-01-31 10:24:38 | Globe Life data breach may impact an additional 850,000 clients (lien direct) | Insurance giant Globe Life finished the investigation into the data breach it suffered last June and says that the incident may have impacted an additional 850,000 customers. [...]
Insurance giant Globe Life finished the investigation into the data breach it suffered last June and says that the incident may have impacted an additional 850,000 customers. [...] |
Data Breach | ★★★ | |
|
2025-01-31 10:12:06 | Mizuno USA says hackers stayed in its network for two months (lien direct) | Mizuno USA, a subsidiary of Mizuno Corporation, one of the world\'s largest sporting goods manufacturers, confirmed in data breach notification letters that unknown attackers stole files from its network between August and October 2024. [...]
Mizuno USA, a subsidiary of Mizuno Corporation, one of the world\'s largest sporting goods manufacturers, confirmed in data breach notification letters that unknown attackers stole files from its network between August and October 2024. [...] |
Data Breach | ★★ | |
|
2025-01-31 08:18:29 | US healthcare provider data breach impacts 1 million patients (lien direct) | Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients that their personal and health information was stolen in an October breach. [...]
Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients that their personal and health information was stolen in an October breach. [...] |
Data Breach Medical | ★★ | |
|
2025-01-30 15:57:47 | Google blocked 2.36 million risky Android apps from Play Store in 2024 (lien direct) | Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. [...]
Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. [...] |
Mobile | ★★★ | |
|
2025-01-30 12:53:13 | Ransomware attack disrupts New York blood donation giant (lien direct) | The New York Blood Center (NYBC), one of the world\'s largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments. [...]
The New York Blood Center (NYBC), one of the world\'s largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments. [...] |
Ransomware | ★★ | |
|
2025-01-30 09:33:33 | New Syncjacking attack hijacks devices using Chrome extensions (lien direct) | A new attack called \'Browser Syncjacking\' demonstrates the possibility of using a seemingly benign Chrome extension to take over a victim\'s device through the browser. [...]
A new attack called \'Browser Syncjacking\' demonstrates the possibility of using a seemingly benign Chrome extension to take over a victim\'s device through the browser. [...] |
★★★ | ||
|
2025-01-30 07:00:00 | Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics (lien direct) | A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI\'s safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...]
A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI\'s safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...] |
Malware | ChatGPT | ★★★ |
|
2025-01-29 19:55:06 | New Aquabotv3 botnet malware targets Mitel command injection flaw (lien direct) | A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...] |
Malware Vulnerability | ★★★ | |
|
2025-01-29 19:33:11 | Solana Pump.fun tool DogWifTool compromised to drain wallets (lien direct) | DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]
DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...] |
Malware Tool | ★★ | |
|
2025-01-29 12:30:09 | FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent (lien direct) | The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...]
The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...] |
★★★★ | ||
|
2025-01-29 11:54:43 | Windows 11\\'s Start menu is getting iPhone and Android integration (lien direct) | Windows 11\'s Start menu is getting a big update with full-fledged Android and iPhone integration. [...]
Windows 11\'s Start menu is getting a big update with full-fledged Android and iPhone integration. [...] |
Mobile | ★★★ | |
|
2025-01-28 16:49:41 | Hackers exploiting flaws in SimpleHelp RMM to breach networks (lien direct) | Hackers are believed to be exploiting recently fixed SimpleHelp Remote Monitoring and Management (RMM) software vulnerabilities to gain initial access to target networks. [...]
Hackers are believed to be exploiting recently fixed SimpleHelp Remote Monitoring and Management (RMM) software vulnerabilities to gain initial access to target networks. [...] |
Vulnerability | ★★★ | |
|
2025-01-28 12:28:15 | Engineering giant Smiths Group discloses security breach (lien direct) | London-based engineering giant Smiths Group disclosed a security breach after unknown attackers gained access to the company\'s systems. [...]
London-based engineering giant Smiths Group disclosed a security breach after unknown attackers gained access to the company\'s systems. [...] |
★★★ | ||
|
2025-01-28 11:27:02 | Signal will let you sync old messages when linking new devices (lien direct) | Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. [...]
Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. [...] |
Mobile | ★★★ | |
|
2025-01-28 10:43:31 | PowerSchool starts notifying victims of massive data breach (lien direct) | Education software giant PowerSchool has started notifying individuals in the U.S. and Canada whose personal data was exposed in a late December 2024 cyberattack. [...]
Education software giant PowerSchool has started notifying individuals in the U.S. and Canada whose personal data was exposed in a late December 2024 cyberattack. [...] |
Data Breach | ★★ | |
|
2025-01-27 16:00:54 | Bitwarden makes it harder to hack password vaults without MFA (lien direct) | Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. [...]
Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. [...] |
Hack | ★★★ |
To see everything:
Our RSS (filtrered)
