The Clear Linux OS team has announced the shutdown of the project, marking the end of its 10-year existence in the open-source ecosystem. […]
Ring denies breach after users report suspicious logins
Ring is warning that a backend update bug is responsible for customers seeing a surge in unauthorized devices logged into their account on May 28th. […]
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX.
Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool it tracks
Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool it tracks
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region.
“The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware,” Kaspersky researchers Denis Kulik and Daniil Pogorelov said. “One of the C2s [command-and-control servers] was a captive
“The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware,” Kaspersky researchers Denis Kulik and Daniil Pogorelov said. “One of the C2s [command-and-control servers] was a captive
ExpressVPN bug leaked user IPs in Remote Desktop sessions
ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual private network (VPN) tunnel, exposing the users’ real IP addresses. […]
Veeam Recovery Orchestrator users locked out after MFA rollout
Veeam warned customers today that a recently released Recovery Orchestrator version blocks Web UI logins after enabling multi-factor authentication (MFA). […]
Dior begins sending data breach notifications to U.S. customers
The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. […]
Iranian APT Targets Android Users With New Variants of DCHSpy Spyware
Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel.
The post Iranian APT Targets Android Users With New Variants of DCHSpy Spyware appeared first on SecurityWeek.
⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected.
These attacks don’t depend on zero-days. They work by staying unnoticed—slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious now blends in, thanks to
These attacks don’t depend on zero-days. They work by staying unnoticed—slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious now blends in, thanks to
Marketing, Law Firms Say Data Breaches Impact Over 200,000 People
Cierant Corporation and Zumpano Patricios independently disclosed data breaches, each impacting more than 200,000 individuals.
The post Marketing, Law Firms Say Data Breaches Impact Over 200,000 People appeared first on SecurityWeek.