The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim’s network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows. […]
US seizes domain of Garantex crypto exchange used by ransomware gangs
The U.S. Secret Service has seized the domain of the sanctioned Russian cryptocurrency exchange Garantex in collaboration with the Department of Justice’s Criminal Division, the FBI, and Europol. […]
Cybercrime ‘crew’ stole $635,000 in Taylor Swift concert tickets
New York prosecutors say that two people working at a third-party contractor for the StubHub online ticket marketplace made $635,000 after almost 1,000 concert tickets and reselling them online. […]
Ethereum private key stealer on PyPI downloaded over 1,000 times
A malicious Python Package Index (PyPI) package named “set-utils” has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the Polygon blockchain. […]
Microsoft 365 apps will prompt users to back up files in OneDrive
Starting mid-March 2025, Microsoft will start prompting users of its Microsoft 365 apps for Windows to back up their files to OneDrive. […]
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. […]
Free vCISO Course: Turning MSPs and MSSPs into Cybersecurity Powerhouses
The vCISO Academy is a free learning platform to equip service providers with training needed to build and expand their vCISO offerings. Learn more from Cynomi on how the Academy helps you launch or expand your vCISO services. […]
Malicious Chrome extensions can spoof password managers in new attack
A newly devised “polymorphic” attack allows malicious Chrome extensions to morph into browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive information. […]
Federal Contractor Cybersecurity Bill Passes House
The House of Representatives has passed a bill aimed at requiring federal contractors to have a Vulnerability Disclosure Policy (VDP).
The post Federal Contractor Cybersecurity Bill Passes House appeared first on SecurityWeek.
Nigerian Accused of Hacking Tax Preparation Firms Extradited to US
Matthew Akande was extradited to the US to face charges for his role in hacking into Massachusetts tax preparation firms’ networks.
The post Nigerian Accused of Hacking Tax Preparation Firms Extradited to US appeared first on SecurityWeek.