The Pennsylvania State Education Association (PSEA), the largest public-sector union in Pennsylvania, is notifying over half a million individuals that attackers stole their personal information in a July 2024 security breach. […]
Ukrainian military targeted in new Signal spear-phishing attacks
Ukraine’s Computer Emergency Response Team (CERT-UA) is warning about highly targeted attacks employing compromised Signal accounts to send malware to employees of defense industry firms and members of the country’s army forces. […]
Microsoft Exchange Online outage affects Outlook web users
​Microsoft is investigating an ongoing outage preventing Outlook on the web users from accessing their Exchange Online mailboxes. […]
New Arcane infostealer infects YouTube, Discord users via game cheats
A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps, and information stored in web browsers. […]
Microsoft fixes Windows update bug that uninstalled Copilot
Microsoft has fixed a bug causing the March 2025 Windows cumulative updates to mistakenly uninstall the AI-powered Copilot digital assistant from some Windows 10 and Windows 11 systems. […]
Click Profit blocked by the FTC over alleged e-commerce scams
The Federal Trade Commission (FTC) in the U.S. has taken action against Click Profit for allegedly deceiving consumers with false promises of guaranteed passive income through AI-powered online stores. […]
Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP
Orion protects against data exfiltration by using AI to compare actual data flows against permitted and expected data flows.
The post Orion Security Raises $6 Million to Tackle Insider Threats and Data Leaks with AI-Driven DLP appeared first on SecurityWeek.
WhatsApp patched zero-click flaw exploited in Paragon spyware attacks
WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware following reports from security researchers at the University of Toronto’s Citizen Lab. […]
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT.
The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code.
Cybersecurity company
The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code.
Cybersecurity company
March Madness Requires Vigilance on Both an Individual and Corporate Level
Defending high profile sporting events from adversarial attacks requires a mix of experienced capabilities and a solid threat intelligence program.
The post March Madness Requires Vigilance on Both an Individual and Corporate Level appeared first on SecurityWeek.