Apple has released emergency security updates to patch a zero-day vulnerability that the company says was exploited in targeted and “extremely sophisticated” attacks. […]
Category Added in a WPeMatico Campaign
Hacker pleads guilty to SIM swap attack on US SEC X account
Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. […]
Police arrests 4 Phobos ransomware suspects, seizes 8Base sites
A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base’s dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide. […]
Cyberattack disrupts Lee newspapers’ operations across the US
Lee Enterprises, one of the largest newspaper groups in the United States, says a cyberattack that hit its systems caused an outage last week and impacted its operations. […]
Microsoft raises rewards for Copilot AI bug bounty program
Microsoft announced over the weekend that it has expanded its Microsoft Copilot (AI) bug bounty program and increased payouts for moderate severity vulnerabilities. […]
Brave now lets you inject custom JavaScript to tweak websites
Brave Browser is getting a new feature called ‘custom scriptlets’ that lets advanced users inject their own JavaScript into websites, allowing deep customization and control over their browsing experience. […]
A Cybersecurity Leader’s Guide to SecVal in 2025
Are your defenses truly battle-tested? Security validation ensures you’re not just hoping your security works—it proves it. Learn more from Pentera on how to validate against ransomware, credential threats, and unpatched vulnerabilities in the GOAT Guide. […]
Massive brute force attack uses 2.8 million IPs to target VPN devices
A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for a wide range of networking devices, including those from Palo Alto Networks, Ivanti, and SonicWall. […]
HPE notifies employees of data breach after Russian Office 365 hack
Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company’s Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. […]
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. […]