data breach

Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits

Jan 30, 2025Ravie LakshmananWeb Security / Vulnerability Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.…

New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks

Jan 30, 2025Ravie LakshmananVulnerability / IoT Security A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network…

Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks

Jan 29, 2025Ravie LakshmananThreat Intelligence / Malware The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the…

MGM Resorts settles lawsuits after millions of customer records stolen in data breaches

by Zack Whittaker
January 29, 2025
I.T. Today
2 min read

Hotel and casino giant MGM Resorts has agreed to pay $45 million to settle more than a dozen class action lawsuits after hackers stole personal data on millions of customers in two separate cyberattacks. MGM…

What’s Effective and What’s Not – Insights from 200 Experts

Jan 29, 2025The Hacker NewsThreat Detection / Artificial Intelligence Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s…

New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits

A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like…

How Interlock Ransomware Infects Healthcare Organizations

Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change…

Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

Jan 29, 2025Ravie LakshmananVulnerability / Threat Intelligence A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution…

UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents

Jan 29, 2025Ravie LakshmananCyber Espionage / Threat Intelligence The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal…

Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer

Jan 29, 2025Ravie LakshmananVulnerability / Software Security Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access. The vulnerability, tracked…

« Previous
1
…
189
190
191
192
193
…
383
Next »