data breach

CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited

Sep 04, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, noting that there…

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers

Sep 03, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on…

Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure

Sep 03, 2025Ravie LakshmananArtificial Intelligence / Vulnerability Threat actors are attempting to leverage a newly released artificial intelligence (AI) offensive security tool called HexStrike AI to exploit recently disclosed security flaws. HexStrike AI, according to…

Detecting Data Leaks Before Disaster

In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According to the Wiz Research team,…

Google Patches 120 Flaws, Including Two Zero-Days Under Attack

Sep 03, 2025Ravie LakshmananMobile Security / Vulnerability Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that…

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

Sep 03, 2025Ravie LakshmananData Breach / Cyber Espionage An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The…

Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack

Sep 03, 2025Ravie LakshmananThreat Intelligence / Network Security Cloudflare on Tuesday said it automatically mitigated a record-setting volumetric distributed denial-of-service (DDoS) attack that peaked at 11.5 terabits per second (Tbps). “Over the past few weeks,…

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

Sep 03, 2025Ravie LakshmananVulnerability / Mobile Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV)…

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Sep 03, 2025Ravie LakshmananData Breach / Threat Intelligence, Salesloft on Tuesday announced that it’s taking Drift temporarily offline “in the very near future,” as multiple companies have been ensnared in a far-reaching supply chain attack…

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

Sep 02, 2025Ravie LakshmananMalware / Threat Intelligence The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT,…

« Previous
1
…
75
76
77
78
79
…
381
Next »