6/29/2023

Iranian Charming Kitten’s PowerStar Malware Evolves with Advanced Techniques

From MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber Weapon

Security Chiefs Take On IT Roles as More Infrastructure Moves Online

MIT Publishes Framework to Evaluate Cybersecurity Methods

NSA and CISA Release Guidelines to Secure CI/CD Environments

Chinese Balloon That U.S. Shot Down Was ‘Crammed’ With American Hardware

Network Security Guy in Extradition Tug of War Between U.S. and Russia

Pornhub Is Being Accused of Illegal Data Collection

Now Apple Takes a Bite Out of Encryption-Bypassing ‘Spy Clause’ in UK Internet Law

Proton Launches Open-Source Password Manager With Some Limitations

Pro-Russia DDoSia Hacktivist Project Sees 2,400% Membership Increase

Millions Affected by MOVEit Mass-Hacks as List of Casualties Continues to Grow

Paracetamol Maker Granules India Flags Significant Operations Hit From Cyber Attack

Sweetwater UHSD (CA) Data Breach Compromises Student, Staff Info

Roosevelt University Data Breach Involving FAFSA Applications Affects 47,877

Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes

Critical Security Flaw in Social Login Plugin for WordPress Exposes Users’ Accounts

MITRE Releases New List of Top 25 Most Dangerous Software Bugs

Vulnerability Hunting: Threat Hunting’s Cybersecurity Cousin

Cybersecurity 101

6/28/2023

White House Outlines Cyber Budget Priorities, Including Making Ransomware ‘No Longer Profitable’

‘A Regional Disaster’: Cyberattacks on Health Care Facilities Have Ripple Effects, Study Says

Fears Grow of Deepfake ID Scams Following Progress Hack

How Your Real Flight Reservation Can Be Used to Scam You

New Electromagnetic Attacks on Drones Could Let Attackers Take Control

The Password Game Will Make You Want to Break Your Keyboard in the Best Way

Microsoft Sysmon Now Detects When Executables Files Are Created

Brave Browser Boosts Privacy With New Local Resources Restrictions

Andariel’s Mistakes Uncover New ‘EarlyRat’ Malware in Lazarus Group Campaign

Uncovering How AI’s Dual Relationship With Cybersecurity Operates

The Tiny Government Agency Behind a Chinese A.I. Chip Ban That’s Weighing on Nvidia

Krebs: U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison

University of California Sues Lloyd’s Syndicates Over Cyber Insurance

U.S. Health Department, Law Firms Reportedly Latest Hit in Wide-Ranging MOVEit Hack

U.S. Patent and Trademark Office Notifies Filers of Years-Long Data Leak

CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million

8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses

Texas AG Reports More Than 2,500 Customers Exposed in USAA Data Breach

MAC Pizza (TX) Files Notice of Data Breach Following Recent Ransomware Attack

ThirdEye Infostealer Poses New Threat to Windows Users

Linux Version of Akira Ransomware Targets VMware ESXi Servers

NPM Ecosystem at Risk From “Manifest Confusion” Attacks

Exploit Released for New Arcserve UDP Auth Bypass Vulnerability

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

3 Strategies for Bringing Rigor to Software Security

6/27/2023

‘SiegedSec’ Hackers Say Fort Worth, TX Website Targeted Over New State Law on Gender-Affirming Care

Submarine Cables at Growing Risk of Cyber-Attacks

U.S. Rep. Zach Nunn Unveils Agriculture Cybersecurity Grant Proposal

The Night 17 Million Precious Military Records Went Up in Smoke

China’s Baidu Claims Its Ernie Bot Beats ChatGPT on Key Tests as A.I. Race Heats Up

Study Reveals Alarming Gap in SIEM Detection of Adversary Techniques

EncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million Seizure

Hundreds of Devices Found Violating New CISA Federal Agency Directive

Closing The Cybersecurity Gap For Nonprofits

The Lowly DDoS Attack Is Showing Signs of Being Anything But

‘Wagner’ Ransomware Targets Computers in Russia

Iran Subjected to Hack-And-Leak Operations by GhyamSarnegouni

Casualties Keep Growing in This Month’s Mass Exploitation of MOVEit 0-Day

Siemens Energy Confirms Data Breach After MOVEit Data-Theft Attack

Miscreants Leak Texts and Info Siphoned by Android Stalkerware App LetMeSpy

Conner Strong & Buckelew Notifies 15,064 Consumers of Data Breach That Leaked Their SSN

Desert Physicians Management (CA) Announces Data Breach on Behalf of Multiple Providers

New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain

New Mockingjay Process Injection Technique Could Let Malware Evade Detection

6/26/2023

Microsoft Warns of Widescale Credential Stealing Attacks by Russian APT29 Hackers

Chinese Volt Typhoon Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks

The U.S. Senate Wants to Rein In AI. Good Luck With That

The Robotic Falcon Maker Who Lost £100,000 to Cyber Criminals

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

JP Morgan Accidentally Deletes Evidence in Multi-Million Record Retention Screwup

Japan-Backed Fund to Buy Critical Semiconductor Firm JSR for $6.3 Billion as Chip Tensions Rise

Flipper Hacking Device on Track to Make $80M Worth of Sales

Serbia Man Charged in U.S. for Running ‘Monopoly’ Darknet Drug Market

Hackers Steal Data of 45,000 New York City Students in MOVEit Breach

Hacktivists Steal Government Files From Texas City Fort Worth

Suncor Energy Says It Experienced a Cybersecurity Incident

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack

Brunswick Operations Normal Again After Cyber Attack

Activision Blizzard Games Crippled by Hours-Long DDoS Attack

Lutheran Social Services of Illinois Announces Data Breach Affecting Over 150k Individuals

Atlanta Postal Credit Union Files Notice of Recent Data Breach Following Ransomware Attack

Anatsa Android Trojan Now Steals Banking Info From Users in U.S., UK

6/23-25/2023

Multiple U.S. Navy Personnel Say They’ve Received Potentially Malicious Smartwatches in the Mail

Why Is It So Rare to Hear About Western Cyber-Attacks?

Some Hospitals Are One Ransomware Attack Away From Closing

UK Cyberspies Warn Ransomware Crews Targeting Law Firms

CISA Orders Agencies to Patch iPhone Bugs Abused in Spyware Attacks

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

5 Ways to Instantly Make Your Instant Messaging More Secure

Malaysia to Take Legal Action Against Meta Over Harmful Content

Hacker ‘PlugWalkJoe’ Responsible for 2020 Twitter Breach Sentenced to Prison

FBI Seizes BreachForums After Arresting Its Owner Pompompurin in March

FBI Analyst Gets Three Years For National Security Breach

SolarWinds Executives Receive Wells Notice From U.S. SEC

LastPass Users Furious After Being Locked Out Due to MFA Resets

How Government Contractors & Agencies Should Navigate New Cyber Rules

Capital One Becomes Latest Bank Affected by Cyberattack on Debt-Buying Giant

MOVEit Breach Impacts Genworth, CalPERS as Data for 3.2 Million Exposed

American Airlines, Southwest Airlines Disclose Data Breaches Affecting Pilots

University of Manchester Confirms Data Theft in Recent Cyberattack

Hawaii Community College Targeted in Ransomware Attack

Kannact Notifies Over 100k Individuals of Data Breach That Leaked Their SSNs

Vincera Institute (PA) Files Notice of Data Breach Following Ransomware Attack

Trojanized Super Mario Game Used to Install Windows Malware

Cybercrime Group ‘Muddled Libra’ Targets BPO Sector with Advanced Social Engineering

Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware

Fortinet Fixes Critical FortiNAC Remote Command Execution Flaw

Grafana Warns of Critical Auth Bypass Due to Azure AD Integration

Google Bug Bounties Inch Closer to Microsoft’s Payouts

6/22/2023

U.S.-China Tech Battle Entering Its ‘Primetime’ — And Generative A.I. Could Be the Next Frontier

Chinese Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware

MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans

Docs Show FBI Pressures Cops to Keep Phone Surveillance Secrets

CISA Orders Gov’t Agencies to Patch Bugs Exploited by Russian Hackers

Japan’s Digital ID Card Gets Emergency Review Amid Data Leaks

Krebs: SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

DuckDuckGo’s Privacy-Focused Browser Is Available for Windows Now

Microsoft Teams Bug Allows Malware Delivery From External Accounts

Microsoft 365 Users Report Outlook, Teams Won’t Start or Freezes

Google Backs Creation of Cybersecurity Clinics With $20 Million Donation

6 Major Attack Surfaces Frequently Targeted That You Must Protect

Pro-Russian Hackers Killnet, Anonymous Sudan, and REvil Attack the European Investment Bank

Largest Public Pension Fund in U.S. CalPERS Affected by MOVEit Breach

iOttie Discloses Data Breach After Site Hacked to Steal Credit Cards

Now BlackCat Extortionists Threaten to Leak Stolen Plastic Surgery Pics

Mirai Botnet Targets 22 Flaws in D-Link, Zyxel, Netgear Devices

Microsoft: Hackers Hijack Linux Systems Using Trojanized OpenSSH Version

Exploit Released for Cisco AnyConnect Bug Giving SYSTEM Privileges

Millions of GitHub Repos Likely Vulnerable to RepoJacking, Researchers Say

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites

VMware Fixes vCenter Server Bugs Allowing Code Execution, Auth Bypass

NSA Shares Tips on Blocking BlackLotus UEFI Malware Attacks

LockBit Developing Ransomware for Apple M1 Chips, Embedded Systems

6/21/2023

DOJ Launches Cyber Unit With National Security Focus as China, Russia Threats Mount

U.S. Tracked Huawei, ZTE Workers at Suspected Chinese Spy Sites in Cuba

Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor

North Korean ScarCruft (aka APT37) Hackers Exploit Ably Service for Stealthy Wiretapping ‘FadeStealer’ Attacks

Krebs: Why Malware Crypting Services Deserve More Scrutiny

How Your New Car Tracks You

Supply Chain and APIs Top Security Concerns, CISO Survey Shows

Google Accuses Microsoft of Unfair Practices in Azure Cloud Unit

FTC Accuses DNA Testing Company 1Health.io, also known as Vitagene, of Lying About Dumping Samples

FTC: Amazon Trapped Millions Into Hard-To-Cancel Prime Memberships

Avast, Norton Parent Latest Victim of MOVEit Ransomware Attacks

At Least 10 Federal Agencies Contracted With Hacked Software Maker MOVEit

Ransomware Misconceptions Abound, to the Benefit of Attackers

UPS Discloses Data Breach After Exposed Customer Info Used in SMS Phishing

Australia’s Perpetual Says ‘Tech Outage’ Affected Some Funds in Cyber Incident

Atlanta Women’s Health Group Files Notice of Data Breach Affecting 33k+ Patients

Vincera Institute (PA) Notifies Patients After Ransomware Attack

Security Researchers Uncover New Spyware Implant TriangleDB

Apple Fixes Zero-Days Used to Deploy Triangulation Spyware via iMessage

6/20/2023

MOVEit Hack: Clop Gang Claims Not to Have BBC, BA, and Boots Data

Russian APT28 Hackers Breach Ukrainian Gov’t Email Servers

Cyberattack Hits European Investment Bank, Follows Warning to Financial Sector From Russian Hackers

DoNot Team: Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign

Data Leak at Major Law Firm HWL Ebsworth Sets Australia’s Government and Elites Scrambling

Crypto Hack Alarms Ramp up as Authorities Crack Down After $3.7 Billion Stolen

Reddit Confirms BlackCat Gang Pinched Some Data

Over 100,000 ChatGPT Accounts Found in Dark Web Marketplaces

Majority of Users Neglect Best Password Practices: Keeper Security

Microsoft Fixes Azure AD Auth Flaw Enabling Account Takeover

Meta Unveils Voicebox AI to Replicate the Voices of Your Friends and Loved Ones

Hackers Warn University of Manchester Students’ of Imminent Data Leak

Medibank’s Staff Details Stolen After Property Manager Faces Cyber Breach

Oreo Cookie Maker Mondelez International Says Crooks Gobbled up Staff Info

Smart Pet Feeders Expose Personal Data

Internet, Email Access Further Restored at Stephen F. Austin University Following Cyber Attack

Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer

New Condi Malware Builds DDoS Botnet Out of TP-Link AX21 Routers

Hackers Infect Linux SSH Servers With Tsunami Botnet Malware

VMware Warns of Critical vRealize Flaw Exploited in Attacks

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products

Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices

6/19/2023

State-Backed CL-STA-0043 Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

Guess What Happened to This U.S. Agency Using Outdated Software?

Android Spyware Camouflaged as VPN, Chat Apps on Google Play

Hackers Use Fake OnlyFans Pics to Drop Info-Stealing Malware

Millions of UK University Credentials Found on Dark Web

Data Breach at New BreachForums: 4,000 Members’ Data Leaked

U.S. Investors Sniffing Around Blacklisted NSO Group Assets

Generative AI Has Its Risks, But the Sky Isn’t Falling

Des Moines Public Schools Confirms Ransomware Attack, Data Theft

New Horizons Medical (MA) Reports Leaked Patient SSNs Following Recent Data Breach

Parker Wellbore (TX) Files Notice of Recent Data Breach

The Hatcher Agency (AR) Confirms Data Breach Involving 9,500 Individuals’ Personal Information

FirstBank Puerto Rico Announces Data Breach After Cyberattack at MIAC

Researchers Discover New Sophisticated Toolkit ‘JokerSpy’ Targeting Apple macOS Systems

ASUS Urges Customers to Patch Critical Router Vulnerabilities

6/16-18/2023

Top EU Official Urges More Countries to Ban China’s Huawei, ZTE From 5G Networks

U.S. Gov’t Offers $10 Million Bounty for Info on Clop Ransomware

U.S. Energy Dep’t Gets Two Ransom Notices as MOVEit Hack Claims More Victims

Millions of Oregon, Louisiana State IDs Stolen in MOVEit Breach

Explainer: How MOVEit Breach Shows Hackers’ Interest in Corporate File Transfer Tools

Humans Aren’t Mentally Ready for an AI-Saturated ‘Post-Truth World’

SMS Delivery Reports Can Be Used to Infer Recipient’s Location

Khashoggi Widow Suing Israeli Firm, Says Spyware Caused Her to ‘Constantly Be Looking Over Her Shoulder’

Police Cracks Down on DDoS-For-Hire Service Active Since 2013

Microsoft Says Early June Disruptions to Outlook, Cloud Platform, Were Cyberattacks

Killnet Threatens Imminent SWIFT, World Banking Attacks

Rhysida Ransomware Leaks Documents Stolen From Chilean Army

New Zealand’s Smartpay Hit With Ransomware in Latest Antipodean Cyberattack Incident

BlackCat (ALPHV) Ransomware Gang Threatens to Leak Stolen Reddit Data from February Breach

From Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin Botnet

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

New Mystic Stealer Malware Increasingly Used in Attacks

Western Digital Boots Outdated NAS Devices Off of My Cloud

6/15/2023

New Report Reveals Shuckworm’s (aka Armageddon) Long-Running PowerShell USB Intrusions on Ukrainian Organizations

A Shady Chinese Firm’s Encryption Chips Got Inside the Navy and NASA

Barracuda: Chinese Spies UNC4841 Breached Hundreds of Public, Private Networks, Security Firm Says

Krebs: CISA Order Highlights Persistent Risk at Network Edge

CISA and NSA Publish BMC Hardening Guidelines

Food Producers Band Together in Face of Cyber Threats

Study Reveals Ransomware as Most Popular Cybercrime Service

Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency

Russian LockBit Ransomware Hacker Extorted Millions From U.S. Businesses, Prosecutors Say

U.S. Government Agencies Hit in Global MOVEit Cyberattack

Clop Ransomware Gang Starts Extorting MOVEit Data-Theft Victims

MOVEit Transfer Customers Warned of New Flaw as PoC Info Surfaces

North Korea Created Very Phishy Evil Twin of Naver, South Korea’s Top Portal

International Chapter of the P.E.O. Sisterhood Announces Recent Data Breach Following Ransomware Attack

Pearland Independence School District (TX) Warns Families of Data Breach

GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files

New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries

6/14/2023

EU Passes Landmark Artificial Intelligence Act

The Pace Of AI Innovation For Cybersecurity Is Fast And Furious

Microsoft Links Data Wiping Attacks to New Russian GRU Hacking Group ‘Cadet Blizzard’

Estonian Police Investigate Crypto Hack Blamed on North Korean Lazarus Hackers

Chinese Hackers Use DNS-Over-HTTPS for Linux Malware Communication

Malicious Actors Exploit GitHub to Distribute Fake Exploits

LockBit Victims in the U.S. Alone Paid Over $90M in Ransoms Since 2020

Moving the Cyber Industry Forward Requires a Novel Approach

Fake WannaCry Ransomware Targets Russian “Enlisted” FPS Players

33,000 Patients Caught in Data Breach at Maimonides Medical Center (NY)

Leidos Experiences Data Breach Resulting from Vulnerability in Software Provided By Diligent Corporation

Henry Ford Health System Patient Data Exposed in mscripts, Data Breach

New Golang-Based Skuld Malware Stealing Discord and Browser Data from Windows PCs

New ‘Shampoo’ Chromeloader Malware Pushed via Fake Warez Sites

Microsoft Says Azure Outage Was Caused by ‘Anomalous’ Traffic Spike, Claimed by ‘Anonymous Sudan’

Researchers Uncover XSS Vulnerabilities in Azure Services

6/13/2023

‘Aggressive’ China Cyberattacks Are the ‘Defining Threat’ of Our Time, Top U.S. Cyber Official Says

Renewal of U.S. Surveillance Program Faces Resistance From Both Parties

UFO Whistleblower, Meet a Conspiracy-Loving Congress

Massive Phishing Campaign Uses 6,000 Sites to Impersonate 100 Brands

RDP Honeypot Targeted 3.5 Million Times in Brute-Force Attacks

CISA Orders Federal Agencies to Secure Internet-Exposed Network Devices

Why Critical Infrastructure Remains a Ransomware Target

Researchers Report First Instance of Automated SaaS Ransomware Extortion

U.S. Regulators Tell Automakers Not to Comply With Massachusetts Vehicle Data Law

Last of the Gozi 3 Sentenced Over Windows Info-Stealing Malware Ops

St. Margaret’s Health Is the First Health Care Facility to Link Its Closing to a Ransomware Attack

Zacks Confirms Hack, 9M Accounts Impacted

UK Telco Watchdog Ofcom, Minnesota Dept of Ed Named as Latest MOVEit Victims

TST BOCES (NY) Files Notice of Data Breach Affecting SSNs of More Than 11k Individuals

Crypto Wallets Under Attack By DoubleFinger Malware

Adversary-in-the-Middle Attack Campaign Hits Dozens of Global Organizations

Pirated Windows 10 ISOs Install Clipper Malware via EFI Partitions

WordPress Stripe Payment Plugin Bug Leaks Customer Order Details

Krebs: Microsoft Patch Tuesday, June 2023 Edition

June Patch Tuesday: VMware Vuln Under Attack by Chinese Spies, Microsoft Kinda Meh

6/12/2023

Americans Should Prepare for Cyber Sabotage From Chinese Hackers, U.S. Official Warns

Trump, Indicted on 37 Criminal Counts, to Appear in Federal Court in Miami Tuesday

‘Witch Hunt’

The U.S. Is Openly Stockpiling Dirt on All Its Citizens

Swiss Government Targeted by Series of Cyber-Attacks

A Massive Vaccine Database Leak Exposes IDs of Millions of Indians

Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme

An Anti-Porn App Put Him in Jail and His Family Under Surveillance

Apple’s Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs

Microsoft Stole Our Stolen Dark Web Data, Says Security Outfit

Doing Less With Less: Focusing on Value

Have I Been Pwned Warns of New Zacks Data Breach Impacting 8 Million

Password Reset Hack Exposed in Honda’s E-Commerce Platform, Dealers Data at Risk

Pioneer Valley Ophthalmic Consultants, PC Files Notice of Third-Party Alta

Data Breach at Idaho Department of Health and Welfare

Columbus Regional Healthcare System (NC) Data Breach Following Ransomware Attack

Microsoft: Azure Portal Outage Was Caused by Traffic “Spike”

Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable

Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer

Fortinet: New FortiOS RCE Bug “May Have Been Exploited” in Attacks

Exploit Released for MOVEit RCE Bug Used in Data Theft Attacks

6/9-11/2023

U.S. Confirms China Has Had a Spy Base in Cuba Since at Least 2019

New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies

Ukrainian Hackers Take Down Service Provider for Russian Banks

Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

Shell Recharge Security Lapse Exposed EV Drivers’ Data

Strava Heatmap Feature Can Be Abused to Find Home Addresses

This Surveillance System Tracks Inmates Down to Their Heart Rate

DOJ Charges Two Russians in 2011 Mt. Gox Crypto Hack

University of Manchester Suffers Suspected Data Breach During Cyber Incident

Members of the Public Among Those Affected by Massive Nova Scotia Cyberattack

BlackCat Ransomware Fails to Extort Australian Commercial Law Giant HWL Ebsworth

‘Pink Drainer’ Hackers Steal $3 Million by Impersonating Crypto News Journalists

Microsoft’s Azure Portal Down Following New Claims of DDoS Attacks

Fortinet Fixes Critical RCE Flaw in Fortigate SSL-VPN Devices, Patch Now

New MOVEit Transfer Critical Flaws Found After Security Audit, Patch Now

6/8/2023

Espionage Attacks in North Africa Linked to “Stealth Soldier” Backdoor

Google Changes Email Authentication After Spoof Shows a Bad Delivery for UPS

Robot Can Rip the Data Out of Ram Chips With Chilling Technology

Mattel Experiments With ChatGPT in Cybersecurity

Microsoft Brings OpenAI Tech to U.S. Agencies

The Bizarre Reality of Getting Online in North Korea

Interpol: Human Trafficking is Fueling Fraud Epidemic

Clop Ransomware Likely Testing MOVEit Zero-Day Since 2021

Culbertson Memorial Hospital (IL) Data Breach Affects Patients and Employees

Asylum Ambuscade Hackers Mix Cybercrime With Espionage

Royal Ransomware Gang Adds BlackSuit Encryptor to Their Arsenal

Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation

Krebs: Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

6/7/2023

Russian Clop Ransomware Crew Sets June 14th Extortion Deadline for MOVEit Victims to Pay Up

Here’s How the Gang Did It

North Korean APT Group Kimsuky Expands Social Engineering Tactics

Lazarus Hackers Linked to the $35 Million Atomic Wallet Heist

Federal Cyber Oversight of Critical Infrastructure is Failing, Report Warns

CISA and Partners Publish Guide For Remote Access Security

10 Years After Snowden’s First Leak, What Have We Learned?

Barracuda Says Hacked ESG Appliances Must Be Replaced Immediately

The Bold Plan to Create Cyber 311 Hotlines

Florida Man Pleads Guilty to $100m Cisco Counterfeit Scheme

Honda API Flaws Exposed Customer Data, Dealer Panels, Internal Docs

Japanese Pharma Giant Eisai Working With Law Enforcement to Resolve Ransomware Attack

Ascension Reports Data Breach Due to Third Party Vendor Vertex

Pacific Union College Acknowledges Ransomware Attack, but Denies Data Breach

MasterCorp (TN) Files Notice of Data Breach Following Cyberattack

Gateway First Bank (OK) Data Breach Following Unauthorized Access to Employee Email Accounts

New Fractureiser Malware Used CurseForge Minecraft Mods to Infect Windows, Linux

VMware Fixes Critical Vulnerabilities in vRealize Network Analytics Tool

Cisco Fixes AnyConnect Bug Giving Windows SYSTEM Privileges

6/6/2023

Cyberspace Plays Key Role in Growing U.S.-China Tension

U.S. Gov’t Now Bans TikTok From Contractors’ Work Gear

Krebs: Service Rents Email Addresses for Account Signups

New ChatGPT Attack Technique Spreads Malicious Packages

Kaspersky Releases Tool to Detect Zero-Click iOS Attacks

With iOS 17, Apple Lets You Share AirTags With Friends and Family

Apple Expands Its On-Device Nudity Detection to Combat CSAM

FBI Warns of ‘Deepfakes’ in Sextortion Schemes

1Password Launches Its Public Passkey Beta

Cyber Chiefs Seeking Board Seats Have Their Work Cut Out for Them

Malwarebytes May Not Be Allowed to Label Rival’s Application as ‘Potentially Unwanted’

Microsoft Cops $20M Slap on the Wrist for Mishandling Kids’ Xbox Data

Police Use of PayPal Records Under Fire After Raid on ‘Cop City’ Protest Fund Trio

Verizon DBIR: Social Engineering Breaches Double, Leading to Spiraling Ransomware Costs

New ‘PowerDrop’ PowerShell Malware Targets U.S. Aerospace Industry

Outlook.com Hit by Outages as Hacktivists Claim DDoS Attacks

The University of Rochester Breached From Vulnerability in File Transfer Service

South Jersey Behavioral Health Resources Attacked with Possible Data Breach

Criminal Group Strikes Montclair (NJ) with Cyber Attack, Mayor Says

Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals

Over 60,000 Android Apps Secretly Installed Adware for Past Six Months

Three Vulnerabilities Discovered in Game Dev Tool RenderDoc

Android Security Update Fixes Mali GPU Flaw Exploited by Spyware

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability – Update Now!

6/5/2023

Hacks Against Ukraine’s Emergency Response Rise During Bombings

Ukraine Hacks Russian TV With Video Trolling Moscow Over Counteroffensive

Microsoft Says Clop Ransomware Gang Is Behind MOVEit Mass-Hacks, as First Victims Come Forward

British Airways, Boots, BBC Payroll Data Stolen in MOVEit Supply-Chain Attack

Clop Ransomware Claims Responsibility for MOVEit Extortion Attacks

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

New Tool Scans iPhones for ‘Triangulation’ Malware Infection

KeePass v2.54 Fixes Bug That Leaked Cleartext Master Password

Three Things To Do Before Hiring A Cybersecurity Company

Caribbean Island of Martinique Dealing With Cyberattack That Disrupted Government Services

Global Zipper Maker YKK Group Hit with LockBit Breach

SuperVPN Data Breach Exposes 360M Records

RansomHouse Ransomware Gang Reportedly Steals Data From Mission Community Hospital (CA)

Satacom Malware Campaign Steals Crypto Via Stealthy Browser Extension

SpinOk Android Malware Found in More Apps With 30 Million Installs

Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack

GIGABYTE Releases New Firmware to Fix Recently Disclosed Security Flaws

6/2-4/2023

World’s Spy Chiefs Meet in Secret Conclave in Singapore

Malaysia Goes Its Own Huawei, Won’t Ban Chinese Vendor From 5G Network

Chinese Phishing Gang “PostalFurious” Expands Campaign

U.S. and Korean Agencies Issue Warning on North Korean Cyber-Attacks

Kimsuky (APT43) Hackers Pose as Journalists to Steal Intel

How AI Protects (and Attacks) Your Inbox

Malicious Chrome Extensions With 75M Installs Removed From Web Store

The Messy U.S. Influence That’s Helping Iranians Stay Online

Uncle Sam Wants DEF CON Hackers to Pwn This Moonlighter Satellite in Space

Cybersecurity Risks and Privacy Rules Add Pressure on Boards

4 Areas of Cyber Risk That Boards Need to Immediately Address

Want Sustainable Security? Find Middle Ground Between Tech & Education

Burton Snowboards Discloses Data Breach After February Attack

Atomic Wallet Hacks Lead To Over $35 Million in Crypto Stolen

Spanish Bank Globalcaja Confirms Ransomware Attack

Shasta Community Health Center (CA) Patients Impacted by Alvaria Data Breach

Eisner Health (CA) Patients’ Info Leaked at Nonstop Administration and Insurance Services

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal

Hackers Hijack Legitimate Sites to Host Credit Card Stealer Scripts

Online Sellers Targeted by New Information-Stealing Malware ‘Vidar’ Campaign

Zyxel Shares Tips on Protecting Firewalls From Ongoing Attacks

Windows 11 to Require SMB Signing to Prevent NTLM Relay Attacks

CISA Orders Gov’t Agencies to Patch MOVEit Bug Used for Data Theft

6/1/2023

Kaspersky Says Attackers Hacked Staff iPhones With Unknown Malware

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

Kremlin Claims Apple Helped NSA Spy on Diplomats via iPhone Backdoor

N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT

Krebs: Ask Fitis, the Bear: Real Crooks Sign Their Malware

Cybersecurity Budgets Aren’t Untouchable

Walmart Finds AI—With Human Control—Is Useful for Cybersecurity

OpenAI Found a Way to Make AI Models More Logical and Avoid Hallucinations

Google Triples Rewards for Chrome Sandbox Escape Chain Exploits

How to Keep Cyberattacks from Tanking Your Balance Sheet

Horabot Campaign Targets Spanish-Speaking Users in the Americas

Harvard Pilgrim Health Care Ransomware Attack Hits 2.5 Million People

University of Waterloo (ON) Investigates Suspected Ransomware Attack on Email Server

Middlesex County Public Schools (VA) Confirms Ransomware Attack

Hillsborough (FL) Confirms a Cyberattack Exposed the Personal Info for 58,000 Voters

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics

New MOVEit Transfer Zero-Day Mass-Exploited in Data Theft Attacks

Exploit Released for RCE Flaw in Popular ReportLab PDF Library