The U.S. Federal Judiciary confirms that it suffered a cyberattack on its electronic case management systems hosting confidential court documents and is strengthening cybersecurity measures. […]
Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector
As attackers target help desks and identity systems, traditional security perimeters are proving insufficient against agile, socially-engineered threats.
The post Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector appeared first on SecurityWeek.
In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment
Noteworthy stories that might have slipped under the radar: federal court filing system hack, Chanel data breach, emergency CISA directive.
The post In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment appeared first on SecurityWeek.
Black Hat USA 2025 – Summary of Vendor Announcements (Part 4)
Many companies are showcasing their products and services this week at the 2025 edition of the Black Hat conference in Las Vegas.
The post Black Hat USA 2025 – Summary of Vendor Announcements (Part 4) appeared first on SecurityWeek.
Leaked Credentials Up 160%: What Attackers Are Doing With Them
When an organization’s credentials are leaked, the immediate consequences are rarely visible—but the long-term impact is far-reaching. Far from the cloak-and-dagger tactics seen in fiction, many real-world cyber breaches begin with something deceptively simple: a username and password.
According to Verizon’s 2025 Data Breach Investigations Report, leaked credentials accounted for 22% of breaches
According to Verizon’s 2025 Data Breach Investigations Report, leaked credentials accounted for 22% of breaches
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users.
The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket. Cumulatively, the gems have been
The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket. Cumulatively, the gems have been
Microsoft 365 apps to soon block file access via FPRPC by default
Microsoft has announced that the Microsoft 365 apps for Windows will start blocking access to files via the insecure FPRPC legacy authentication protocol by default starting late August. […]
Columbia University Data Breach Impacts 860,000
Columbia University has been targeted in a cyberattack where hackers stole the personal information of students, applicants, and employees.
The post Columbia University Data Breach Impacts 860,000 appeared first on SecurityWeek.
Microsoft will kill the Lens PDF scanner app for iOS, Android
Microsoft announced that it will phase out the Microsoft Lens PDF scanner app for Android and iOS devices starting September 15, 2025. […]
Columbia University data breach impacts nearly 870,000 individuals
An unknown threat actor has stolen the sensitive personal, financial, and health information of nearly 870,000 Columbia University current and former students and employees after breaching the university’s network in May. […]