What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2025-01-06 15:58:23 | CISA says recent government hack limited to US Treasury (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that the Treasury Department breach disclosed last week did not impact other federal agencies. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that the Treasury Department breach disclosed last week did not impact other federal agencies. [...] |
Hack | ★★★ | |
|
2025-01-06 09:54:56 | Eagerbee backdoor deployed against Middle Eastern govt orgs, ISPs (lien direct) | New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. [...]
New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. [...] |
Malware | ★★★ | |
|
2025-01-04 10:16:26 | New FireScam Android data-theft malware poses as Telegram Premium app (lien direct) | A new Android malware named \'FireScam\' is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia\'s app market for mobile devices. [...]
A new Android malware named \'FireScam\' is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia\'s app market for mobile devices. [...] |
Malware Mobile | ★★★ | |
|
2025-01-03 09:20:00 | French govt contractor Atos denies Space Bears ransomware attack claims (lien direct) | French tech giant Atos, which secures communications for the country\'s military and secret services, has denied claims made by the Space Bears ransomware gang that they compromised one of its databases. [...]
French tech giant Atos, which secures communications for the country\'s military and secret services, has denied claims made by the Space Bears ransomware gang that they compromised one of its databases. [...] |
Ransomware | ★★★ | |
|
2025-01-02 17:51:01 | Ransomware gang leaks data stolen in Rhode Island\\'s RIBridges Breach (lien direct) | The Brain Cipher ransomware gang has begun to leak documents stolen in an attack on Rhode Island\'s "RIBridges" social services platform. [...]
The Brain Cipher ransomware gang has begun to leak documents stolen in an attack on Rhode Island\'s "RIBridges" social services platform. [...] |
Ransomware | ★★ | |
|
2025-01-02 15:26:11 | New DoubleClickjacking attack exploits double-clicks to hijack accounts (lien direct) | A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing existing protections against these types of attacks. [...]
A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing existing protections against these types of attacks. [...] |
★★ | ||
|
2025-01-02 13:09:03 | Chinese hackers targeted sanctions office in Treasury attack (lien direct) | Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. [...]
Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. [...] |
★★ | ||
|
2024-12-31 10:13:12 | Over 3.1 million fake "stars" on GitHub projects used to boost rankings (lien direct) | GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories to appear more popular, helping them reach more unsuspecting users. [...]
GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories to appear more popular, helping them reach more unsuspecting users. [...] |
Malware | ★★ | |
|
2024-12-30 04:18:10 | AT&T and Verizon say networks secure after Salt Typhoon breach (lien direct) | AT&T and Verizon confirmed they were breached in a massive Chinese espionage campaign targeting telecom carriers worldwide but said the hackers have now been evicted from their networks. [...]
AT&T and Verizon confirmed they were breached in a massive Chinese espionage campaign targeting telecom carriers worldwide but said the hackers have now been evicted from their networks. [...] |
★★ | ||
|
2024-12-29 10:09:28 | Malware botnets exploit outdated D-Link routers in recent attacks (lien direct) | Two botnets tracked as \'Ficora\' and \'Capsaicin\' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...]
Two botnets tracked as \'Ficora\' and \'Capsaicin\' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...] |
Malware Threat | ★★ | |
|
2024-12-28 11:57:28 | Hackers steal ZAGG customers\\' credit cards in third-party breach (lien direct) | ZAGG Inc. is informing customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company\'s e-commerce provider, BigCommerce. [...]
ZAGG Inc. is informing customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company\'s e-commerce provider, BigCommerce. [...] |
★★ | ||
|
2024-12-27 15:02:03 | White House links ninth telecom breach to Chinese hackers (lien direct) | A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. [...]
A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. [...] |
★★★ | ||
|
2024-12-27 11:33:21 | Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (lien direct) | Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. [...]
Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. [...] |
Vulnerability Threat | ★★★ | |
|
2024-12-27 10:39:23 | Cybersecurity firm\\'s Chrome extension hijacked to steal users\\' data (lien direct) | At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users. [...]
At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users. [...] |
Threat | ★★ | |
|
2024-12-26 11:53:10 | New \\'OtterCookie\\' malware used to backdoor devs in fake job offers (lien direct) | North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers. [...]
North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers. [...] |
Malware Threat | ★★★ | |
|
2024-12-24 15:04:03 | New botnet exploits vulnerabilities in NVRs, TP-Link routers (lien direct) | A new Mirai-based malware campaign is actively exploiting unpatched vulnerabilities in Internet of Things (IoT) devices, including DigiEver DS-2105 Pro DVRs. [...]
A new Mirai-based malware campaign is actively exploiting unpatched vulnerabilities in Internet of Things (IoT) devices, including DigiEver DS-2105 Pro DVRs. [...] |
Malware Vulnerability | ★★ | |
|
2024-12-24 09:02:57 | FBI links North Korean hackers to $308 million crypto heist (lien direct) | The North Korean hacker group \'TraderTraitor\' stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May. [...]
The North Korean hacker group \'TraderTraitor\' stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May. [...] |
★★ | ||
|
2024-12-24 08:02:00 | Clop ransomware threatens 66 Cleo attack victims with data leak (lien direct) | The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to respond to the demands. [...]
The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to respond to the demands. [...] |
Ransomware | ★★★ | |
|
2024-12-23 11:37:40 | US court finds spyware maker NSO liable for WhatsApp hacks (lien direct) | A U.S. federal judge has ruled that Israeli spyware maker NSO Group violated U.S. hacking laws by using WhatsApp zero-days to deploy Pegasus spyware on at least 1,400 devices. [...]
A U.S. federal judge has ruled that Israeli spyware maker NSO Group violated U.S. hacking laws by using WhatsApp zero-days to deploy Pegasus spyware on at least 1,400 devices. [...] |
★★★★ | ||
|
2024-12-20 12:47:54 | Malicious Rspack, Vant packages published using stolen NPM tokens (lien direct) | Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. [...]
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. [...] |
Threat | ★★★ | |
|
2024-12-20 11:48:25 | US charges Russian-Israeli as suspected LockBit ransomware coder (lien direct) | The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...]
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...] |
Ransomware Malware | ★★★ | |
|
2024-12-20 08:00:00 | Krispy Kreme breach, data theft claimed by Play ransomware gang (lien direct) | The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. [...]
The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. [...] |
Ransomware | ★★★ | |
|
2024-12-20 07:05:33 | Ascension: Health data of 5.6 million stolen in ransomware attack (lien direct) | Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. [...]
Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. [...] |
Ransomware Medical | ★★★ | |
|
2024-12-19 17:01:58 | BadBox malware botnet infects 192,000 Android devices despite disruption (lien direct) | The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. [...]
The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. [...] |
Malware Mobile | ★★ | |
|
2024-12-19 13:59:26 | Android malware found on Amazon Appstore disguised as health app (lien direct) | A malicious Android spyware application named \'BMI CalculationVsn\' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. [...]
A malicious Android spyware application named \'BMI CalculationVsn\' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. [...] |
Malware Tool Mobile | ★★ | |
|
2024-12-19 13:27:00 | Juniper warns of Mirai botnet scanning for Session Smart routers (lien direct) | Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...]
Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...] |
Malware | ★★★ | |
|
2024-12-18 18:16:48 | Ongoing phishing attack abuses Google Calendar to bypass spam filters (lien direct) | An ongoing phishing scam is abusing Google Calendar invites and Google Drawings pages to steal credentials while bypassing spam filters. [...]
An ongoing phishing scam is abusing Google Calendar invites and Google Drawings pages to steal credentials while bypassing spam filters. [...] |
Spam | ★★★ | |
|
2024-12-18 16:58:26 | Raccoon Stealer malware operator gets 5 years in prison after guilty plea (lien direct) | Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. [...]
Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. [...] |
Malware Legislation | ★★ | |
|
2024-12-17 17:29:44 | \\'Bitter\\' cyberspies target defense orgs with new MiyaRAT malware (lien direct) | A cyberespionage threat group known as \'Bitter\' was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. [...]
A cyberespionage threat group known as \'Bitter\' was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. [...] |
Malware Threat | ★★★ | |
|
2024-12-17 17:04:40 | New fake Ledger data breach emails try to steal crypto wallets (lien direct) | A new Ledger phishing campaign is underway that pretends to be a data breach notification asking you to verify your recovery phrase, which is then stolen and used to steal your cryptocurrency. [...]
A new Ledger phishing campaign is underway that pretends to be a data breach notification asking you to verify your recovery phrase, which is then stolen and used to steal your cryptocurrency. [...] |
Data Breach | ★★ | |
|
2024-12-17 11:06:54 | Ireland fines Meta $264 million over 2018 Facebook data breach (lien direct) | The Irish Data Protection Commission (DPC) fined Meta €251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach impacting 29 million Facebook accounts. [...]
The Irish Data Protection Commission (DPC) fined Meta €251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach impacting 29 million Facebook accounts. [...] |
Data Breach | ★ | |
|
2024-12-17 10:02:12 | Might need a mass password reset one day? Read this first. (lien direct) | Organizations are often caught off-guard when a data breaches occurs, forcing them to quickly perform mass password resets Learn from Specops Software about some of the common mass password reset scenarios and the challenges you may face. [...]
Organizations are often caught off-guard when a data breaches occurs, forcing them to quickly perform mass password resets Learn from Specops Software about some of the common mass password reset scenarios and the challenges you may face. [...] |
★★ | ||
|
2024-12-16 17:22:35 | FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (lien direct) | The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. [...]
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. [...] |
Malware | ★★ | |
|
2024-12-16 17:17:16 | Texas Tech University System data breach impacts 1.4 million patients (lien direct) | The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. [...]
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. [...] |
Data Breach | ★★ | |
|
2024-12-16 14:32:07 | Malicious ads push Lumma infostealer via fake CAPTCHA pages (lien direct) | A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. [...]
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. [...] |
Malware | ★★★ | |
|
2024-12-16 12:28:35 | ConnectOnCall breach exposes health data of over 910,000 patients (lien direct) | Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall. [...]
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall. [...] |
Medical | ★★ | |
|
2024-12-16 11:51:49 | Rhode Island confirms data breach after Brain Cipher ransomware attack (lien direct) | Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents\' personal information after the Brain Cipher ransomware gang hacked its systems. [...]
Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents\' personal information after the Brain Cipher ransomware gang hacked its systems. [...] |
Ransomware Data Breach | Deloitte | ★★ |
|
2024-12-16 10:06:16 | New Android NoviSpy spyware linked to Qualcomm zero-day bugs (lien direct) | The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named \'NoviSpy,\' used to spy on activists, journalists, and protestors. [...]
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named \'NoviSpy,\' used to spy on activists, journalists, and protestors. [...] |
Vulnerability Threat Mobile | ★★ | |
|
2024-12-15 15:15:00 | Clop ransomware claims responsibility for Cleo data theft attacks (lien direct) | The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. [...]
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. [...] |
Ransomware Vulnerability Threat | ★★★ | |
|
2024-12-14 10:17:27 | 390,000 WordPress accounts stolen from hackers in supply chain attack (lien direct) | A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. [...]
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. [...] |
Threat | ★★ | |
|
2024-12-13 17:10:23 | Citrix shares mitigations for ongoing Netscaler password spray attacks (lien direct) | Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. [...]
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. [...] |
Cloud | ★★ | |
|
2024-12-13 12:43:23 | Russian cyberspies target Android users with new spyware (lien direct) | Russian cyberspies Gamaredon has been discovered using two Android spyware families named \'BoneSpy\' and \'PlainGnome\' to spy on and steal data from mobile devices. [...]
Russian cyberspies Gamaredon has been discovered using two Android spyware families named \'BoneSpy\' and \'PlainGnome\' to spy on and steal data from mobile devices. [...] |
Mobile | ★★ | |
|
2024-12-13 10:22:05 | Germany blocks BadBox malware loaded on 30,000 Android devices (lien direct) | Germany\'s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...]
Germany\'s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...] |
Malware Mobile | ★★ | |
|
2024-12-12 17:35:24 | New stealthy Pumakit Linux rootkit malware spotted in the wild (lien direct) | A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. [...]
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. [...] |
Malware | ★★★ | |
|
2024-12-12 15:46:32 | New IOCONTROL malware used in critical infrastructure attacks (lien direct) | Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...] |
Malware Threat Industrial | ★★★ | |
|
2024-12-12 11:02:37 | Bitcoin ATM firm Byte Federal hacked via GitLab flaw, 58K users exposed (lien direct) | US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. [...]
US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. [...] |
Data Breach Vulnerability | ★★★ | |
|
2024-12-11 16:03:24 | New EagleMsgSpy Android spyware used by Chinese police, researchers say (lien direct) | A previously undocumented Android spyware called \'EagleMsgSpy\' has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. [...]
A previously undocumented Android spyware called \'EagleMsgSpy\' has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. [...] |
Legislation Mobile | ★★★ | |
|
2024-12-11 12:00:00 | Russian cyber spies hide behind other hackers to target Ukraine (lien direct) | Russian cyber-espionage group Turla, aka "Secret Blizzard," is utilizing other threat actors\' infrastructure to target Ukrainian military devices connected via Starlink. [...]
Russian cyber-espionage group Turla, aka "Secret Blizzard," is utilizing other threat actors\' infrastructure to target Ukrainian military devices connected via Starlink. [...] |
Threat | ★★★ | |
|
2024-12-10 10:09:52 | New Cleo zero-day RCE flaw exploited in data theft attacks (lien direct) | Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. [...]
Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. [...] |
Vulnerability Threat | ★★★ | |
|
2024-12-10 10:01:11 | Inside the incident: Uncovering an advanced phishing attack (lien direct) | Recently, Varonis investigated a phishing campaign in which a malicious email enabled a threat actor to access the organization. This blog post will reveal the tactics used to avoid detection and share what was discovered during the investigation. [...]
Recently, Varonis investigated a phishing campaign in which a malicious email enabled a threat actor to access the organization. This blog post will reveal the tactics used to avoid detection and share what was discovered during the investigation. [...] |
Threat | ★★★ |
To see everything:
Our RSS (filtrered)
