Skip to content
cyber security updates Page 9

cyber security updates

Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit

Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit

Oct 02, 2024Ravie LakshmananVulnerability / Data Breach Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as… 

Read More »Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations

Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations

Oct 02, 2024Ravie LakshmananCyber Threat / Malware Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack.… 

Read More »Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations
Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

Oct 02, 2024The Hacker NewsEmail Security / Vulnerability Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the… 

Read More »Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

Oct 02, 2024The Hacker NewsSupply Chain Attack / Cryptocurrency A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only… 

Read More »PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what’s called “Seed Phrase Image Recognition.”… 

Read More »AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

Oct 01, 2024The Hacker NewsGenerative AI / Data Protection Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However,… 

Read More »5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials

More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number of cybercriminals to conduct credential… 

Read More »Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet

Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers… 

Read More »New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet
U.K. Hacker Charged in .75 Million Insider Trading Scheme Using Hacked Executive Emails

U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails

Oct 01, 2024Ravie LakshmananCorporate Security / Financial Fraud The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits.… 

Read More »U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails