Dark Pink APT Group Expands Tooling and Targets

Millions of PC Gigabyte Motherboards Were Sold With a Firmware Backdoor

Krebs: Discord Admins Hacked by Malicious Bookmarks

Salesforce ‘Ghost Sites’ Expose Sensitive Corporate Data

Terminator Antivirus Killer Is a Vulnerable Windows Driver in Disguise

Amazon’s Ring Agrees to Pay $5.8 Million to Settle FTC Spying Suit

A.I. Poses Human Extinction Risk on Par With Nuclear War, Sam Altman and Other Tech Leaders Warn

Pentagon Cyber Policy Cites Learnings from Ukraine War

Bipartisan Lawmakers Introduce Bill to Expand Cyber Partnership With Nations in Abraham Accords

Investment May Be Down, but Cybersecurity Remains a Hot Sector

Can Cloud Services Encourage Better Login Security? Netflix’s Accidental Model
Toyota Finds More Misconfigured Servers Leaking Customer Info

Capita Hack-Related Breaches Now Reported by Nearly 90 Orgs

Mountain View Hospital and Idaho Falls Community Hospital Hit by Cyberattack, Closing Some Clinics

Onix Group (PA) Announces Data Breach Following Ransomware Attack

Stealthy SeroXen RAT Malware Increasingly Used to Target Gamers

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

Hackers Exploit Critical Zyxel Firewall Flaw in Ongoing Attacks

WordPress Force Installs Critical Jetpack Patch on 5 Million Sites

XFS Bug in Linux Kernel 6.3.3 Coincides With SGI Code Comeback

Kali Linux 2023.2 Released With 13 New Tools, Pre-Built HyperV Image


Human Error Fuels Industrial APT Attacks, Kaspersky Reports

Alleged Russian Spy Whale ‘Hvaldimir’ Turned Up in Sweden. Why?

Nigerian Cybercrime Ring’s Phishing Tactics Exposed

Ransomware Gangs Adopting Business-like Practices to Boost Profits

Dark Web Data Leak Exposes RaidForums Members

CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security

Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

19 Threats To Customers’ Personal Info Companies Shouldn’t Ignore

FBI Warns Gmail and Outlook Users Over ‘Infection Message’ That Can Break Computers

Alabama Digital Road Sign Hacked to Display White Supremacist Messages
RomCom Malware Spread via Google Ads for ChatGPT, Gimp, More

Enzo Biochem Says Ransomware Attack Exposed Patient Info, Social Security Numbers

MedInForm Announces Data Breach Affecting Cleveland Clinic Patients’ SSNs

Clarke County Hospital (IA) Notifies Over 28k Patients of Recent Data Breach

DogeRAT Malware Impersonates BFSI, Entertainment, E-commerce Apps

Android Apps With Spyware Installed 421 Million Times From Google Play

WordPress Plugin ‘Gravity Forms’ Vulnerable to PHP Object Injection

Barracuda Zero-Day Abused Since 2022 to Drop New Malware, Steal Data

Microsoft Finds macOS Bug That Lets Hackers Bypass Sip Root Restrictions


China Cyberattacked The U.S.: Corporations Are On The Front Lines

AceCryptor: Cybercriminals’ Powerful Weapon, Detected in 240K+ Attacks

New Mirai Botnet Variant Campaigns are Targeting IoT Devices

Top Cyberattacks Revealed in New Threat Intelligence Report
North Korean Lazarus Hackers Target Windows IIS Web Servers for Initial Access

MCNA Dental Data Breach Impacts 8.9 Million People After Ransomware Attack

Flash Loan Attack on Jimbos Protocol Steals Over $7.5 Million

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan


Italy’s Industry Ministry Reports ‘Heavy’ Cyberattack

Senegalese Government Websites Hit With Cyber Attack

Israeli Cyber Company NSO Group Has New Ownership After U.S. Blacklist

Portugal Moves Closer to Banning Chinese Suppliers From 5G

Krebs: Phishing Domains Tanked After Meta Sued Freenom

Mozilla Stops Firefox Fullscreen VPN Ads After User Outrage

PyPi Announces Mandatory Use of 2FA for All Software Publishers

Hot Pixels Attack Checks CPU Temp, Power Changes to Steal Data

Clever ‘File Archiver in the Browser’ Phishing Trick Uses Zip Domains

Will Apple’s Reality Pro Signal the Beginning of the Immersive Internet?
Tesla Whistleblower Leaks 100GB of Data, Revealing Safety Complaints

Dutch Watchdog Looking Into Alleged Tesla Data Breach

Emby Shuts Down User Media Servers Hacked in Recent Attack

U.S. Gov’t Contractor ABB Confirms Ransomware Attack, Data Theft

BlackByte Ransomware Claims City of Augusta (GA) Cyberattack

Albany ENT & Allergy Services (NY) Notified Patients of SSN Data Breach

QBot Malware Abuses Windows WordPad Exe to Infect Devices

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data

CISA Warns Gov’t Agencies of Recently Patched Barracuda Zero-Day


Chinese State-Sponsored Hackers ‘Volt Typhoon’ Infiltrated U.S. Naval Infrastructure, Secretary of the Navy Says

U.S. State Department Warns China Could Hack Infrastructure, Including Pipelines, Rail Systems

China Hits Back After Microsoft Says State-Sponsored Group Hacked Critical Us Infrastructure

Reuters: Kenyan Official Dismisses Reuters Report on Chinese Hack as ‘Propaganda’

Spotted: Suspected Russian Malware ‘CosmicEnergy’ Designed to Disrupt Euro, Asia Energy Grids

Brazilian Hackers ‘Operation Magalenha’ Targeting Users of Over 30 Portuguese Banks

The Security Hole at the Heart of ChatGPT and Bing

Cybersecurity Chiefs Navigate AI Risks and Potential Rewards

Advanced Phishing Attacks Surge 356% in 2022

Microsoft 365 Phishing Attacks Use Encrypted RPMSG Messages

A Popular Password Hashing Algorithm Starts Its Long Goodbye

Building an Effective Cybersecurity Training Program

Four Ways To Improve Cybersecurity For Your Business

CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams

Netflix’s Password-Sharing Ban Offers Security & Account Safety Upsides
Russian Electronics Giant Pult.ru Hit by Data Leak

Fresh Del Monte Produce Notifies Employees of Recent Data Breach

Populus Financial Group, Inc. Files Notice of Data Breach Affecting 51,858 Individuals

Freedom Mortgage (FL) Notifies Consumers That a Data Breach Compromised Their Social Security Numbers

Credit Union of Southern California Data Breach Following Compromised Employee Email Account

Scandinavian Airlines Hit By Cyber Attack As Hackers Demand $175,000

Augusta (GA) City Services Suffer as Cyber-Attack Keeps Computers Off

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

Predator: Looking under the hood of Intellexa’s Android spyware

Expo Framework API Flaw Reveals User Data in Online Services

Hackers Target 1.5M WordPress Sites With Cookie Consent Plugin Exploit

Zyxel Issues Critical Security Patches for Firewall and VPN Products

D-Link Fixes Auth Bypass and RCE Flaws in D-View 8 Software


Chinese Hackers Attacked Kenyan Government as Debt Strains Grew

Chinese Hackers ‘Volt Typhoon’ Breach U.S. Critical Infrastructure in Stealthy Attacks

Lazarus Group Targeting Microsoft Web Servers to Launch Espionage Malware

Iranian Hackers ‘Agrius’ Use New Moneybird Ransomware to Attack Israeli Orgs

Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation

50% of UK CEOs See Cyber as a Bigger Business Risk than the Economy

Palo Alto Networks CEO Nikesh Arora Calls Generative A.I. a Boon for Customer Satisfaction and Company Efficiency

A.I. Poses Existential Risk of People Being ‘Harmed or Killed,’ Ex-google CEO Eric Schmidt Says

Philly Inquirer Says Cuba Ransomware Gang’s Data Leak Claims Are Fake News
Reliance’s Zivame Customers Say Their Accounts Were Hacked

Harvard Pilgrim Says Patient Information May Have Been Stolen During Cyber Attack

Peachtree Orthopedics (GA) Data Breach Potentially Compromised Patients’ Social Security Numbers

Data Stealing Malware Discovered in Popular Android Screen Recorder App

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

New PowerExchange Malware Backdoors Microsoft Exchange Servers

Barracuda Warns of Email Gateways Breached via Zero-Day Flaw

GitLab ‘Strongly Recommends’ Patching Max Severity Flaw ASAP

Why Aren’t Venture Capitalists Flocking to Fund Cybersecurity Startups?


Biden Nominates Air Force Lieutenant General Timothy Haugh to Lead NSA, Cyber Command

Treasury Sanctions Cyber Actors Tied to North Korea

North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

TikTok to Let Oracle View Source Code, Algorithm, and Content Moderation

Chinese Labs Are Selling Fentanyl Ingredients for Millions in Crypto

Ads for Lucrative Jobs in Asia Fail to Mention Chance of Slavery as Crypto-Scammer

Krebs: Interview With a Crypto Scam Investment Spammer

IT Employee Impersonates Ransomware Gang to Extort Employer

Palo Alto Lifts Annual Forecasts on Resilient Cybersecurity Spending

Where to Focus Your Company’s Limited Cybersecurity Budget

Ignoring Cybersecurity Is Intellectually Dishonest
GoldenJackal Targets Diplomatic Entities in Middle East, South Asia

New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East

Cuba Ransomware Claims Cyberattack on Philadelphia Inquirer

Sallie Mae Notified Individuals of Recent Data Breach Involving Bank Account Information

Apria Healthcare Breach Affects Up to 1.8 Million Individuals

Dorchester School (UK) IT System Held to Ransom in Cyber Attack

Suzuki Motorcycle India Temporarily Shuts Production Following a Cyber Attack

Fata Morgana Watering Hole Attack Targets Shipping, Logistics Firms

SuperMailer Abuse Bypasses Email Security for Super-Sized Credential Theft

New AhRat Android Malware Hidden in App With 50,000 Installs


Lawmakers, Experts Fear Key Cyber Vacancy Leaves U.S. Vulnerable to Attacks

TikTok Sues to Stop Montana From Enforcing Its “Unconstitutional” Ban

China Issues Ban on U.S. Chipmaker Products

Security Chiefs Trim the Fat as Budgets Bite

Cybersecurity Firms’ Earnings Set to Benefit From Growing Threat of Hacks

How Con Artists Use AI, Apps, Social Engineering to Target Parents, Grandparents for Theft

Pentagon Explosion Hoax Goes Viral After Verified Twitter Accounts Push

Buyer Beware: Some Sandisk Extreme SSDs Are Wiping People’s Data

Leaked EU Document Shows Spain Wants to Ban End-to-End Encryption

Meta Fined a Record $1.3 Billion Over EU User Data Transfers to the U.S.

Google Settles Location Tracking Lawsuit for Only $39.9M

UK Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
Bad Magic’s Extended Reign in Cyber Espionage Goes Back Over a Decade

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations

Dish Says Ransomware Gang Stole Almost 300,000 Employee Records

German Arms Company Rheinmetall Confirms Black Basta Ransomware Group Behind Cyberattack

Constellation Software Inc. Experiences Data Breach Following Cyberattack

Gentex Corporation Confirms Ransomware Attack, Raising Questions Over Possible Data Breach

Crypto Phishing Service Inferno Drainer Defrauds Thousands of Victims

Malicious Windows Kernel Drivers Used in BlackCat Ransomware Attacks

CISA Orders Gov’t Agencies to Patch iPhone Bugs Exploited in Attacks

Google Launches Bug Bounty Program for Its Android Applications

IBM’s Polar Buy Creates Focus on a New ‘Shadow Data’ Cloud Security Area


13-Year-Old Makes History With Computer Science and Cybersecurity Degrees

The Real Risks in Google’s New .Zip and .Mov Domains

Experts Warn of Voice Cloning-as-a-Service

Microsoft Warns of Increase in Business Email Compromise Attacks

Cloned CapCut Websites Push Information Stealing Malware

Android Phones Are Vulnerable to Fingerprint Brute-Force Attacks

The Underground History of Russia’s Most Ingenious Hacker Group ‘Turla’

How Montana Could Enforce a TikTok Ban

A TikTok ‘Car Theft’ Challenge Is Costing Hyundai $200 Million

Meet ‘Jack’ from Romania! Mastermind Behind Golden Chickens Malware

Russian IT Guy Sent to Labor Camp for DDoSing Kremlin Websites

Americans to Get One-Time $5,000 Max Payment From Maxim Healthcare Breach Settlement
PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted

Asus Routers Knocked Offline Worldwide by Bad Security Update

Florida Baptist Convention Loses Over $700K in Cyber Attack, Investigation Underway

Threat of Confidential Data Release in Dallas Ransomware Attack

Dish Network Likely Paid Ransom After Recent Ransomware Attack

Luxottica Confirms 2021 Data Breach After Info of 70M Leaks Online

Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks

CommonMagic Malware Implants Linked to New CloudWizard Framework

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

CISA Warns of Samsung ASLR Bypass Flaw Exploited in Attacks

Data Siloes: Overcoming the Greatest Challenge in SecOps


IRS Deploys Cyber Attachés to Fight Cybercrime Abroad

Cyber Warfare Escalates Amid China-Taiwan Tensions

Montana Becomes the First State to Ban TikTok

Apple’s App Store Blocks $2B in Fraudulent Transactions

Google May Delete Your Old Accounts: Here’s How to Stop It

Most Companies Can’t Handle Cybersecurity Alone

Radiology Group Sues Broker Over Lapsed Cyber Insurance Policy

Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands

Wisconsin Teen Bragged ‘Fraud Is Fun’ Before Allegedly Hacking Sports Betting Site, Stealing $600K

LayerZero Launches Record-Breaking $15M Crypto Bug Bounty Program
Cybercrime Syndicate ‘Lemon Group’ Pre-Infected Over 8.9 Million Android Phones Worldwide

Several Louisiana Agencies Crippled by Network Outage

UHS of Delaware Files Notice of Third-Party Data Breach

Northwest Health-La Porte (IN) Reports Data Breach After Unauthorized Access to Patient Records

Great Expressions Dental Centers (MI) Notify Patients of Data Breach Following Cyberattack

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

Hackers Target Vulnerable WordPress Elementor Plugin After PoC Released

KeePass Exploit Helps Retrieve Cleartext Master Password, Fix Coming Soon

Apple Fixes Three New Zero-Days Exploited to Hack iPhones, Macs


Russian Computer Breached DC Metro System

Congressional Employees Exposed in Transit Benefit Program Breach

Temu Accused of Data Risks After Sister App Was Suspended for Malware

NSO Group Spends Millions Lobbying U.S. Government

The Post Office Is Spying on the Mail: Senators Want to Stop It

ChatGPT Scams Are Infiltrating the App Store and Google Play

Social Engineering Risks Found in Microsoft Teams

Do Hypothetical Risk Disclosures Give Rise to Securities Claims?

Cybersecurity Leaders Suffer Burnout as Pressures of the Job Intensify

Talking Security Strategy: Cybersecurity Has a Seat at the Boardroom Table

Microsoft Pulls Defender Update Fixing Windows LSA Protection Bug

These Ransomware Victims Are Paying More to Recover Data
OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users

ScanSource Says Ransomware Attack Behind Multi-Day Outages

Lehigh Valley (PA) Notifies 627 Patients Affected by February Ransomware Attack

Fertility Specialists Medical Group (CA) Experiences Data Breach

Ransomware Group Adds Academy Mortgage (UT) to Victim List

The Heritage Group (IN) Notifies Current and Former Employees of Data Breach

Franklin County Public Schools (VA) Ransomware Attack Under Investigation

Oklahoma Institute of Allergy, Asthma and Immunology Clinic in Edmond Offline after Cyber Event

Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover

‘Strictly Limit’ Remote Desktop – Unless You Like Catching BianLian Ransomware

MalasLocker Ransomware Targets Zimbra Servers, Demands Charity Donation

Malicious Microsoft VSCode Extensions Steal Passwords, Open Remote Shells

Cisco Warns of Critical Switch Bugs With Public Exploit Code


China’s Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks

Camaro Dragon APT Group Exploits TP-Link Routers With Custom Implant

1Password Is Finally Rolling Out Passkey Management

Researchers Find Security Flaw in Wemo Smart Plug, Belkin Says It Won’t Release a Patch for Device

New Zip Domains Sparks Debate Among Cybersecurity Experts

The Digital World Is Changing Rapidly: Your Cybersecurity Needs to Keep Up

Krebs: Russian Hacker Mikhail Pavolovich Matveev “Wazawaka” Indicted for Ransomware

Krebs: Re-Victimization from Police-Auctioned Cell Phones

Cops Crack Gang That Used Bots to Book and Resell Immigration Appointments
Lacroix Shuts Three Factories for a Week After Cyber-Attack

Indonesia’s Bank Syariah Indonesia Customer Data Safe Amid Reports of Breach

Conner Strong & Buckelew Recent Data Breach Compromised Employee Email Accounts

4,000 VCU Health Patients Were Impacted by Breach

Data Breach at Vendor Credit Control Corporation Impacts Virginia Hospitals and Medical Practices

Asian Health Services (CA) Provides Notice of Recent Data Breach to Patients

CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules

Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems

Kiddowares ‘Parental Control – Kids Place’ App With 5 Million Downloads Vulnerable to Attacks


Lancefly APT Custom Backdoor ‘Merdoor’ Targets Government and Aviation Sectors

New Ransomware Gang RA Group Hits U.S. and South Korean Organizations

Qilin’s Dark Web Ransomware Targets Critical Sectors

The New Info-Stealing Malware Operations to Watch Out For

How I Tricked ChatGPT Into Telling Me Lies

VirusTotal AI Code Analysis Expands Windows, Linux Script Support

New Twitter CEO Linda Yaccarino Says She Is Excited to Help to Transform the Company

Ex-Twitter Cyber Chief Lea Kissner Joins Cloud-Security Company Lacework

U.S. Says VoIP Firm XCast Labs Delivered Billions of Scam Robocalls

WhatsApp Now Lets You Lock Chats With a Password or Fingerprint
Cybercriminals Who Targeted Ukraine Are Actually Russian Government Hackers, Researchers Say

Data of 237,000 U.S. Government Employees Breached at Department of Transportation

The Philadelphia Inquirer: The Philadelphia Inquirer’s Operations Continue to Be Disrupted by a Cyber Incident

Ransomware Gang Steals Data of 5.8 Million PharMerica Patients

airBaltic Exposes Passenger Info to Others Due to a ‘Technical Error’

Whitworth University (WA) Notifies 65,593 Students of Data Breach Involving Their SSNs

Renewal by Andersen Notifies 13,464 About Recent Data Breach Involving Consumer SSNs

Methodist Family Health Notifying Some Arkansans About a Ransomware Attack

New ‘MichaelKors’ Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

Intel Says Friday’s Mystery ‘Security Update’ Microcode Isn’t Really a Security Update


U.S. Trains Ukrainian Law Enforcement to Pursue Russian Crypto Assets

Lawmakers Call on Biden to Nominate New National Cyber Director

FBI: Bl00dy Ransomware Targets Education Orgs in Papercut Attacks

CISA Warns of Critical Ruckus Bug Used to Infect Wi-Fi Access Points

New Phishing-as-a-Service Platform ‘Greatness’ Lets Cybercriminals Generate Convincing Phishing Pages

Debunking Three Myths About Ransomware

Card ‘ID Theft’ Fraud Doubled in 2022

Hacker Marketplace ‘Genesis Market’ Still Active Despite Police ‘Takedown’ Claim

‘Top Three Balkans Drug Kingpins’ Arrested After Cops Crack Their Sky ECC Chats

Brave Unveils New “Forgetful Browsing” Anti-tracking Feature

ChatGPT Is About to Revolutionize Cybersecurity

How Cybercriminals Adapted to Microsoft Blocking Macros by Default

Microsoft Patches Bypass for Recently Fixed Outlook Zero-Click Bug
Toyota Leaked Vehicle Data of 2 Million Customers For 10 Years

Discord Discloses Data Breach After Support Agent Got Hacked

More Than 45,000 Met Opera Customers Exposed in Data Breach

Capita Warns Customers They Should Assume Data Was Stolen

Curry County (OR) Systems Still Down Several Weeks After Ransomware Attack

Lake County Health Department (IL) Security Breach Exposed Residents’ Health Data, Personal Information

‘Suspicious Communication’ Leads Norton Healthcare (KY) To Shut Down Network

Gaston College (NC) Looks into Possible Data Breach Following Recent Ransomware Attack

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks

New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows

Hackers Use Public Exploit to Attack Vulnerable WordPress Sites

Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance


How Congress Is Tackling Disinformation From U.S. Adversaries

NSA Chief Paul Nakasone Has Said He Expects to Step Down in Coming Months

EU Draft Legislation Will Ban AI for Mass Biometric Surveillance and Predictive Policing

Cybersecurity Faces a Challenge From Artificial Intelligence’s Rise

Millions of Mobile Phones Come Pre-infected With Malware, Say Researchers

Twitter to Launch Encrypted Direct Messages With Voice and Video Chat to Follow, Elon Musk Says

Elon Musk Also Says He Has a New C.E.O. for Twitter

Ex-Ubiquiti Engineer Behind “Breathtaking” Data Theft Gets 6-Year Prison Term

Breach of Mental-Health Records Challenges Nation’s Court System
New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe

Multinational Tech Firm ABB Hit by Black Basta Ransomware Attack

Tokyo MOU Reports Previously-Undisclosed Cyberattack From 2022

Seacom (South Africa) Hit by Cyber Attack

Chattanooga State Community College (TN) and Mercer University (GA) Respond to Cyberattacks

Brightly Warns of SchoolDude Data Breach Exposing Credentials

Threat Actors Use Babuk Code to Build Hypervisor Ransomware

WordPress Elementor Plugin Bug Let Attackers Hijack Accounts on 1M Sites

The Effects Of Cybercrime On Small Businesses


A Mysterious New Hacker Group Is Lurking in Ukraine’s Cyberspace

Sophisticated DownEx Malware Campaign Targeting Central Asian Governments

North Korean Hackers Breached Major Hospital in Seoul to Steal Data

Young Cyber Companies Face Uncertain Economy

3 Key Metrics for Cybersecurity Product Managers

The Industrywide Consequences of Making Security Products Inaccessible

New ‘Greatness’ service simplifies Microsoft 365 phishing attacks

Why Honeytokens Are the Future of Intrusion Detection

New Ransomware Decryptor Recovers Data From Partially Encrypted Files

Gmail Can Now Scan the Dark Web for Your Email Address

UK Man ‘PlugwalkJoe’ Pleads Guilty to Twitter Hack That Compromised Accounts of Joe Biden, Elon Musk
Cybersecurity Firm Dragos Discloses Cybersecurity Incident, Extortion Attempt

Australia’s TechnologyOne Halts Trading After Being Hit by Cyber Attack

Middleburg (VA) Weathers Cyber Attack

Bristol Community College (MA) Informs 56,400 Faculty and Students of Recent Data Breach

ASAS Health (TX) Notifies More Than 25K People of Recent Data Breach

Triad Business Bank (NC) Data Breach Compromises 8,000 Social Security Numbers

Huron-Superior Catholic District School (ON) Hit by Cyber Attack Discovers Additional Info Stolen

Fake In-Browser Windows Updates Push Aurora Info-Stealer Malware

RapperBot DDoS Malware Adds Cryptojacking as New Revenue Stream

Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft

Krebs: Microsoft Patch Tuesday, May 2023 Edition


FBI Takes Down Russian ‘Snake’ Computer Malware Network That Attacked NATO Nations, Journalists

Beijing Raids Consultancy, State-Sponsored Media Warns More to Come

The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services

The Billion-Dollar Ponzi Scheme That Hooked Warren Buffett and the U.S. Treasury

EU Draft Rules Propose Tougher Cybersecurity Labelling Rules for Amazon, Google, Microsoft

Github Now Auto-Blocks Token and API Key Leaks for All Repos

Cybersecurity Needs to Be Part of Your Product’s Design from the Start

The Problem of Old Vulnerabilities And What to Do About It

Spanish Police Dismantle Phishing Operation Linked to Crime Ring

Krebs: Feds Take Down 13 More DDoS-for-Hire Services
Food Distribution Giant Sysco Warns of Data Breach After Cyberattack

PRGX Global (GA) Notifies 13,231 Individuals of Recent Data Breach

Petaluma Health Center (CA) Files Official Notice of Data Breach Following Recent Cyber-Incident

Royal Ransomware Expands to Target Linux, VMware ESXi

Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps

Researchers Uncover SideWinder’s Latest Server-Based Polymorphism Technique

New ‘AndoryaBot’ Botnet Campaign Exploits Ruckus Wireless Flaw

New Linux Kernel NetFilter Flaw Gives Attackers Root Privileges

Microsoft May 2023 Patch Tuesday Fixes 3 Zero-Days, 38 Flaws

Microsoft Issues Optional Fix for Secure Boot Zero-Day Used by Malware


SideCopy Using Action RAT and AllaKore RAT to Infiltrate Indian Organizations

QR Codes Used in Fake Parking Tickets, Surveys to Steal Your Money

Twitter to Remove Idle Accounts, Archive Them

Palantir Soars on Earnings Beat and Prediction of Full-Year Profitability

I Asked ChatGPT, Bing, and Bard What Worries Them. Google’s AI Went Terminator on Me

FBI Seizes 13 More Domains Linked to DDoS-For-Hire Services
Microsoft: Iranian Hacking Groups Join Papercut Attack Spree

MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web

1 Million NextGen Patient Records Compromised in Data Breach

Catholic Health Third-Party Data Breach at Minimum Data Set Consultants Leaked Patient Data

Microsoft Enforces Number Matching to Fight MFA Fatigue Attacks

Why the ‘Why’ of a Data Breach Matters


2 Years After Colonial Pipeline, U.S. Critical Infrastructure Still Not Ready for Ransomware

In a New Hacking Crime Wave, Much More Personal Data Is Being Held Hostage

Twitter Says ‘Security Incident’ Exposed Private Circle Tweets

Russian ‘Ghost Ships’ Identified Near the Nord Stream Blasts

Krebs: $10M Is Yours If You Can Get This Guy to Leave Russia

New Cactus Ransomware Encrypts Itself to Evade Antivirus

Meet Akira — A New Ransomware Operation Targeting the Enterprise

Siemens, SAP Say EU Draft Data Act Puts Trade Secrets at Risk

Prosecution of Former Uber Security Chief Carries Warnings for Cyber Leaders

New CS:GO Map Bypasses Russia’s Censorship of Ukraine War News
Western Digital Says Hackers Stole Customer Data in March Cyberattack

ALPHV Gang Claims Ransomware Attack on Constellation Software

More Swiss Media Groups Affected by Ransomware Attack

Veridian Credit Union (IA) Files Notice of Data Breach Affecting 12,996 Individuals

McPherson Hospital (KS) Notifies Over 19k Patients of Recent Data Breach

New Android Malware ‘FluHorse’ Targeting East Asian Markets with Deceptive Tactics

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

“Kekw” Malware in Python Packages Could Steal Data and Hijack Crypto

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

New Android Updates Fix Kernel Bug Exploited in Spyware Attacks


North Korean Kimsuky Hackers Use New Recon Tool to Find Security Gaps

Therapy Apps Are Still Failing Their Privacy Checkups

Consumer Group Slams Bank App Fraud Failings

Google Launches Cybersecurity Certificates for Entry-Level Workers

Former Uber Security Chief to Be Sentenced for Federal Crimes

The Legacy of Mt. Gox: Why Bitcoin’s Greatest Hack Still Matters

Millions of Patients’ Data Confirmed Stolen After Fortra Mass-Hack

The Devastating Business Impacts of a Cyber Breach

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
Ransomware Gang Hijacks Bluefield University’s Alert System to Issue Threats

Data Breach Concerns Arise Amid Montana State University Cyberattack

Hackers Threatening to Release Stolen Data From Crown Princess Mary Cancer Centre in Westmead Hospital

Berlin Packaging Files Notice of Data Breach Involving “Human Resources Information”

Carvin Software Data Breach Affects 187,360 Consumers

Cyber Attack Shuts Down Raleigh (NC) Housing Authority Computer System

New Fleckpe Android Malware Installed 600K Times on Google Play

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

Cisco Phone Adapters Vulnerable to RCE Attacks, No Fix Available


Russian Hackers Use Winrar to Wipe Ukraine State Agency’s Data

Chinese Earth Longzhi Uses “Stack Rumbling” to Disable Security Software

CISA Advises FCC Covered List For Risk Management

Meta Security Analysts Warn of Malicious ChatGPT Imposters

FTC Proposes Ban on Meta Profiting From Minors’ Data

Dashlane’s Password Manager Goes Zero Password

Google Is Rolling Out Password-Killing Tech to All Accounts

Google Is Changing Chrome’s Lock Icon Because Nobody Knows What It Means For You

Now Gmail Has Blue Verified Checkmark Icons Too

Apple and Google Unveil Industry Specification For Unwanted Tracking

Meta Expunges Multiple APT, Cybercrime Groups From Facebook, Instagram

Facebook Disrupts New NodeStealer Information-Stealing Malware

Police Dismantles Try2Check Credit Card Verifier Used by Dark Web Markets
Sweden Parliament Hit by Denial-Of-Service Cyber Attack

City of Dallas Hit by Royal Ransomware Attack Impacting IT Services

Italian Water Supplier Serving 500,000 People Hit With Ransomware Attack

Swiss CH Media Group Data Published on Dark Web

Vendor for Aetna Insurance, NationsBenefits Announces Data Breach

Payment Software Giant AvidXchange Suffers Its Second Ransomware Attack of 2023

Brightline Data Breach Impacts 783K Pediatric Mental Health Patients

Russian Ransomware Gang Clop Suspected in Santa Clara Family Health Plan (CA) Attack

Krebs: Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Researcher Hijacks Popular Packagist PHP Packages to Get a Job

Hackers Start Using Double DLL Sideloading to Evade Detection

Hotels at Risk From Bug in Oracle Property Management Software


China Updates Military Conscription Rules With Eye on Space, Cyberwarfare

North Korean APT37 Lures Used to Deploy ROKRAT Malware

BouldSpy Android Spyware: Iranian Government’s Alleged Tool for Spying on Minority Groups

Google, Microsoft CEOs Called to AI Meeting at White House

Samsung Bans Use of AI Like ChatGPT for Employees After Misuse of the Chatbot

SolarWinds: The Untold Story of the Boldest Supply-Chain Hack Ever

Merck’s Insurers On the Hook in $1.4 Billion NotPetya Attack, Court Says

Operation SpecTor: International Police Just Made a Huge Dark Web Bust

FBI Seizes 9 Crypto Exchanges Used to Launder Ransomware Payments

Cybercrime Groups Find a New Target: Religious Institutions

Boards Are Having the Wrong Conversations About Cybersecurity
Australian Law Firm HWL Ebsworth Hit by Russian-Linked Ransomware Attack

Level Finance Crypto Exchange Hacked After Two Security Audits

An Anti-Trans Doctor Group Leaked 10,000 Confidential Files

UK Gun Owners May Be Targeted After Rifle Association Breach

Charter Foods Notifies 109,194 Individuals of Recent Data Breach

HealthPlan Services Files Notice of Data Breach Impacting Thousands

Hackers Exploit 5-Year-Old Unpatched Flaw in TBK DVR Devices

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

Google Will Remove Secure Website Indicators in Chrome 117

1Password Explains Scary Secret Key and Password Change Alerts


Rising Tensions Over Taiwan Prompts U.S. to Take Proactive Approach in Cyberspace

The High-Stakes Scramble to Stop Classified Leaks

U.S. Marshals Computer Network Down 10 Weeks After Ransomware Hack

FBI Focuses on Cybersecurity With $90M Budget Request

Capita: Watchdog Warns Pension Funds Over Data After Hack

Apple’s First iPhone Rapid Security Response Patch Had a Problem, but It’s Fine Now

Cybersecurity Implications Of Juice Jacking For Businesses

Those Scary Warnings of Juice Jacking in Airports and Hotels? They’re Mostly Nonsense

White House to Study Employer Tools That Monitor Workers

Corporate ChatGPT Applications Grow Despite Legal Scrutiny
T-Mobile Discloses Second Data Breach Since the Start of 2023

IT Giant Bitmarck Shuts Down Customer, Internal Systems After Cyberattack

Hackers Leak Images to Taunt Western Digital’s Cyberattack Response

Hacker Targets Wichita State University

Nashua Schools (NH) Open Monday Despite Cyberattack

Nextgen Healthcare Data Breach Affects Thousands of Individuals’ Social Security Numbers

Alvaria Files Data Breach Notice on Behalf of Carrington Mortgage Services (MA)

New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks

New LOBSHOT Malware Gives Hackers Hidden VNC Access to Windows Devices

What the Cybersecurity Industry Can Learn From the SVB Crisis