data breach

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

Aug 30, 2025Ravie LakshmananZero-Day / Vulnerability WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a…

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

Aug 29, 2025Ravie LakshmananVulnerability / Web Security Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The flaws, per watchTowr…

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence…

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks…

Can Your Security Stack See ChatGPT? Why Network Visibility Matters

Aug 29, 2025The Hacker NewsEnterprise Security / Artificial Intelligence Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data…

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page

Aug 29, 2025Ravie LakshmananVulnerability / Enterprise Security Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The issue, which…

FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available

Aug 29, 2025Ravie LakshmananZero-Day / Vulnerability The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the…

Feds Seize .4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain

Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain

Aug 29, 2025Ravie LakshmananCryptocurrency / Cybercrime Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world. To…

Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations

Aug 29, 2025Ravie LakshmananData Breach / Salesforce Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations.…

TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies

Aug 29, 2025Ravie LakshmananMalware / Windows Security Cybersecurity researchers have discovered a cybercrime campaign that’s using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. “The objective is…

« Previous
1
…
77
78
79
80
81
…
381
Next »