Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer ...
Telefónica confirms internal ticketing system breach after data leak
Spanish telecommunications company Telefónica confirms an internal ticketing system was breached after stolen data was leaked ...
New Web3 attack exploits transaction simulations to steal crypto
Threat actors are employing a new tactic called "transaction simulation spoofing" to steal crypto, with one attack ...
US charges operators of cryptomixers linked to ransomware gangs
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ...
Proton worldwide outage caused by Kubernetes migration, software change
Swiss tech company Proton, which provides privacy-focused online services, says that a Thursday worldwide outage was caused ...
Docker Desktop blocked on Macs due to false malware alert
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an ...
Microsoft to force install new Outlook on Windows 10 PCs in February
Microsoft will force install the new Outlook email client on Windows 10 systems starting with next month's security update.
Treasury hackers also breached US foreign investments review office
Chinese hackers, part of the state-backed Silk Typhoon threat group, have reportedly breached the Committee on Foreign ...
STIIIZY data breach exposes cannabis buyers’ IDs and purchases
Popular cannabis brand STIIIZY disclosed a data breach this week after hackers breached its point-of-sale (POS) vendor to ...
Fake CrowdStrike job offer emails target devs with crypto miners
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick ...
Largest US addiction treatment provider notifies patients of data breach
BayMark Health Services, North America's largest provider of substance use disorder (SUD) treatment and recovery services, is ...
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in ...