Nissan Motor Co. Ltd. (Nissan) has confirmed that information of thousands of its customers has been compromised after the data breach at Red Hat in September. […]
New MacSync malware dropper evades macOS Gatekeeper checks
The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application. […]
Interpol-led action decrypts 6 ransomware strains, arrests hundreds
An Interpol-coordinated initiative called Operation Sentinel led to the arrest of 574 individuals and the recovery of $3 million linked to business email compromise, extortion, and ransomware incidents. […]
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker’s device to a victim’s WhatsApp account.
The package, named “lotusbail,” has been downloaded over 56,000 times since it was first uploaded to the registry by a user named “
The package, named “lotusbail,” has been downloaded over 56,000 times since it was first uploaded to the registry by a user named “
Malicious npm package steals WhatsApp accounts and messages
A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. […]
Romanian water authority hit by ransomware attack over weekend
Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, was hit by a ransomware attack over the weekend. […]
Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator
Shannon Miller shares her approach to creating domestic safety and a call to the cyber community to help reduce harm.
The post Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator appeared first on SecurityWeek.
University of Phoenix data breach impacts nearly 3.5 million individuals
The Clop ransomware gang has stolen the data of nearly 3.5 million University of Phoenix (UoPX) students, staff, and suppliers after breaching the university’s network in August. […]
Coupang breach affecting 33.7 million users raises data protection questions
Coupang disclosed a data breach affecting 33.7 million customers after unauthorized access to personal data went undetected for nearly five months. Penta Security explains how the incident highlights insider credential abuse risks and why encrypting customer data beyond legal requirements can reduce exposure and limit damage. […]
54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware
The suspects are leaders and members of the Venezuelan crime syndicate Tren de Aragua.
The post 54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware appeared first on SecurityWeek.