On March 20, a relatively unknown user on Breach Forums posted the allegation that Oracle had suffered a data breach. According to published reports, the attacker claimed that 6 million customer...
Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.
This is a guide on how to check whether someone compromised your online accounts.
Microsoft is partnering with top firms to launch new AI security tools, boosting breach analysis, threat detection, and AI model protection across cloud platforms.
The crypto lending platform said the issue was sourced back to a product it calls “cauldrons” — isolated lending markets that allow users to borrow against a variety of cryptocurrencies.
Connor Riley Moucka signed a consent order on Friday in Ontario Superior Court in Kitchener that would allow him to be transferred to U.S. custody to face multiple charges.
Satellite navigation systems are under rising threat from jamming and spoofing attacks, risking aviation, maritime, and telecom safety worldwide, warn global agencies.
A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. "Raspberry Robin (also known as Roshtyak or Storm-0856) is a...
An Intelligence Committee hearing focused on the security risks of a cabinet-level group chat that included a reporter from The Atlantic. The post Senators criticize Trump officials’ discussion of...
Computer outages at Malaysia’s Kuala Lumpur International Airport (KLIA) this weekend were attributed to a recent cyberattack, according to the country’s cybersecurity agency and aviation authority.
A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident...
McAfee researchers have identified a new wave of Android malware campaigns leveraging .NET MAUI to steal sensitive user information through fake apps
Researchers from Sygnia have responded to a stealthy and persistent China-linked threat actor targeting a major telecommunications company... The post Sygnia details Weaver Ant tactics in battle...
Dragos Inc., vendor of cybersecurity solutions for operational technology (OT) environments, announced on Tuesday that the Dragos Community Defense... The post Dragos announces OT cybersecurity...
23andMe holds millions of customers' genetic information. Here's what you can do to protect your data.
A widespread campaign with binaries written in different source languages, ReaderUpdate contains unique challenges for detection and analysis.
Organizations now use an average of 112 SaaS applications—a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10...
Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms
McAfee Labs reveals new Android malware exploiting .NET MAUI to steal user data. Learn about advanced evasion techniques and how to stay protected.
Signal is in the news for all the wrong reasons. Here's what to know about it and why it remains a top choice for protecting conversations.
CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. [...]
GitHub is an invaluable platform used by app developers to manage workflows, maintain version control and more. But recent attacks using compromised GitHub actions are a reminder of the importance...
Cloudflare has announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing 100% write and 35% read failures globally. [...]
2025-03-23 • AviaB • AviaB • win.vidar Open article on Malpedia
2025-03-12 • YouTube (John Hammond) • John Hammond • elf.blackbasta, win.blackbasta Open article on Malpedia
2025-03-18 • Expel • AARON WALTON • elf.blackbasta, win.blackbasta Open article on Malpedia
2025-03-18 • Trellix • Jambul Tologonov, John Fokker • elf.blackbasta, win.blackbasta Open article on Malpedia
Alisa Viejo, United States, 25th March 2025, CyberNewsWire
2025-03-12 • CISA • CISA, FBI, MS-ISAC Open article on Malpedia
Broadcom released security updates today to fix a high-severity authentication bypass vulnerability in VMware Tools for Windows. [...]