Wealthsimple Confirms Data Breach After Supply Chain Attack
Wealthsimple confirmed a third-party vendor data breach affecting roughly 30,000 customers
Information Security Magazine
MostereRAT Targets Windows Users With Stealth Tactics
20 hours 28 minutes ago
Phishing campaign unveiled MostereRAT, targeting Windows systems with advanced evasion techniques
Remote Access Abuse Biggest Pre-Ransomware Indicator
21 hours 13 minutes ago
Cisco Talos found that abuse of remote services and remote access software are the most prevalent ‘pre-ransomware’ tactics deployed by threat actors
Qualys, Tenable Latest Victims of Salesloft Drift Hack
1 day ago
Palo Alto Networks, Cloudflare and Zscaler were also among confirmed victims of the attack
GhostAction Supply Chain Attack Compromises 3000+ Secrets
1 day ago
Security researchers have discovered a new malicious campaign impacting hundreds of GitHub users
SAP S/4HANA Users Urged to Patch Critical Exploited Bug
1 day 2 hours ago
Critical SAP S/4HANA vulnerability CVE-2025-42957 is being exploited in the wild
Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America
3 days 19 hours ago
Bridgestone Americas confirmed the incident but has not detailed the scope of the attack
South Carolina School District Data Breach Affects 31,000 People
3 days 20 hours ago
An investigation has revealed that files were stolen in a data breach affecting a South Carolina school district
macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security
3 days 23 hours ago
Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps
US and 14 Allies Release Joint Guidance on Software Bill of Materials
4 days 2 hours ago
The joint guidance is a welcome first step towards a common, global adoption of SBOMs, experts argued
61% of US Companies Hit by Insider Data Breaches
4 days 2 hours ago
The OPSWAT report found that insider breaches cost impacted firms $2.7m on average due to factors such as regulatory fines and diminished productivity
GhostRedirector Emerges as New China-Aligned Threat Actor
4 days 19 hours ago
A newly identified hacking group named GhostRedirector has compromised 65 Windows servers using previously unknown tools
North Korean Hackers Exploit Threat Intel Platforms For Phishing
4 days 19 hours ago
North Korean hackers have been observed exploiting cyber threat intelligence platforms in a campaign targeting job seekers with malware-laced lures
CMS Provider Sitecore Patches Exploited Critical Zero Day
4 days 22 hours ago
Google Cloud’s Mandiant successfully disrupted an active ViewState deserialization attack affecting Sitecore deployments
Scattered Spider-Linked Group Claims JLR Cyber-Attack
4 days 23 hours ago
JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand
Threat Actors Abuse Hexstrike-AI Tool to Accelerate Exploitation
5 days 1 hour ago
Hackers are using legitimate red team tool Hexstrike-AI to simplify and speed up vulnerability exploitation
Healthcare Sector Takes 58 Days to Resolve Serious Vulnerabilities
5 days 2 hours ago
A new Cobalt study finds healthcare organizations among the slowest at resolving serious vulnerabilities
Malicious npm Packages Exploit Ethereum Smart Contracts
5 days 20 hours ago
A malicious campaign using Ethereum smart contracts has been observed targeting developers via npm and GitHub
Russian APT28 Expands Arsenal with 'NotDoor' Outlook Backdoor
5 days 22 hours ago
The backdoor is a sophisticated VBA-based malware targeting Microsoft Outlook
Major IPTV Piracy Network Uncovered Spanning 1100 Domains
5 days 22 hours ago
A massive IPTV privacy network has been uncovered distributing unlicensed content from major brands including Apple TV, Disney+, HBO, Netflix and more
Checked
11 hours 58 minutes ago