Biden Announces National Cyber Workforce and Education Strategy

APT31 (aka Judgment Panda and Zirconium) Implants Target Industrial Organizations

UK Military Embraces Security by Design

No Evidence Ransomware Victims With Cyber Insurance Pay Up More Often, UK Report Says

Hackers Steal Signal, WhatsApp User Data With Fake Android Chat App

Canon Warns of Wi-Fi Security Risks When Discarding Inkjet Printers

Hikvision, Nvidia Named in Contract for ‘Uyghur Detection’

California Opens Privacy Probe Into Who Controls, Shares the Data Your Car Is Collecting

U.S. Chamber of Commerce Opposes New SEC Cybersecurity Reporting Rule
Mattress Giant Tempur Sealy Hit With Cyberattack Forcing System Shutdown

Paramedic Billing Services Provides Notice of Data Breach Affecting Patient SSNs and PHI

Mendocino County (CA) Office of Education Announces Possible Ransomware Attack or Data Hack

SpyNote Android Spyware Strikes Financial Institutions

Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT

Hackers Exploit BleedingPipe RCE to Target Minecraft Servers, Players

New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods

AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service

It’s Hot Zero-Day Summer for Apple, Google, and Microsoft Security Fixes


U.S. Hunts Chinese Malware That Could Disrupt American Military Operations

Russian BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities

Australia and U.S. Issue Warning About Web App Threats

New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads

New Study Reveals Forged Certificate Attack Risks

Google: Android Patch Gap Makes N-Days as Dangerous as Zero-Days

Another AI Pitfall: Digital Mirroring Opens New Cyberattack Vector

Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse

Browser Developers Push Back on Google’s “web DRM” WEI API

FBI Boss: Congress Must Renew Section 702 Spy Powers – That’s How We Get Nearly All Our Cyber Intel

Twitter’s Rebranding to ‘X’ Triggers Microsoft Edge Security Alert
Israel’s largest Oil Refinery Bazan Group Website Offline After DDoS Attack

Hawai’i Community College Pays Ransomware Gang to Prevent Data Leak

Exposed Sensitive Info on Students, Parents, and Teachers From Southern Association of Independent Schools

Wake Family Eye Care (NC) Experiences Ransomware Attack and Subsequent Data Breach

Hackers Are Infecting Call of Duty Players With a Self-Spreading Malware

New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data

IcedID Malware Adapts and Expands Threat with Updated BackConnect Module

Linux Version of Abyss Locker Ransomware Targets VMware ESXi Servers

Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required

Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack


Microsoft Responsible for China’s U.S. Government Email Hack, Senator Wyden Says

Microsoft Faces Mounting Scrutiny Over China-Linked Email Hack

CoinsPaid Blames Lazarus Hackers for Theft of $37,300,000 in Crypto

“Mysterious Elephant” Emerges, Kaspersky Reports

U.S. Spies Are Lobbying Congress to Save a Phone Surveillance ‘Loophole’

Cyber Experience on Boards Still Seen as Critical in New SEC Rules

Requires All Cyber-Incident Disclosures Within Four Days

Krebs: Russia Sends Cybersecurity CEO Iyla Sachkov to Jail for 14 Years

SSNDOB Cybercrime Market Admin Faces 15 Years After Pleading Guilty

OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI
Anonymous Sudan Targets Kenya’s Online Services in Multiple DDoS Attacks

Healthcare Files of 8M-Plus People Fall Into Hands of Clop via MOVEit Mega-Bug

University of the West of Scotland Targeted in Ransomware Attack by Rhysida Gang

Swiss Visa Appointments Cancelled in UK Due to ‘IT Incident’

Security Incident Impacts CardioComm’s Operations

Family Vision (SC) Hit By Ransomware, Over 60K Patients Affected

Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

High Severity Vulnerabilities Discovered in Ninja Forms Plugin

Zimbra Patches Zero-Day Vulnerability Exploited in XSS Attacks

BreachForums Database and Private Chats for Sale in Hacker Data Breach


China Says Wuhan Earthquake Centre Attacked by Overseas Hackers

Repeatable VEC Attacks Target Critical Infrastructure

Krebs: Who and What is Behind the Malware Proxy Service SocksEscort?

ALPHV Ransomware Adds Data Leak API in New Extortion Strategy

Twitter Scammers Stole $1,000 From My Friend—So I Hunted Them Down

Microsoft Previews Defender for IoT Firmware Analysis Service

Russia Throws Founder of Infosec Biz Group-IB Ilya Sachkov in the Clink for 14 Years for Treason

Tackling the Labor Shortage in Cybersecurity

U.S. SEC Adopts New Cyber Rule, Unveils Brokerage AI Proposal
Cyber Attack in South England Leaves Hospitals Without Access to Patient Records

Lazarus Hackers Linked to $60 Million Alphapo Cryptocurrency Heist

Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users

Dark Web Markets Offer New FraudGPT AI Tool

New Nitrogen Malware Pushed via Google Ads for Ransomware Attacks

Akira Ransomware Compromised at Least 63 Victims Since March

Almost 40% Of Ubuntu Users Vulnerable to New Privilege Elevation Flaws

Windows 10 KB5028244 Update Released with 19 Fixes, Improved Security


Biden Nominates Harry Coker to Be National Cyber Director

Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack

Hacker Claims to Have Stolen Sensitive Medical Records from Egypt’s Ministry of Health

TETRA Radio Comms Used by Emergency Heroes Easily Cracked, Say Experts

ChatGPT Has a Plug-In Problem

UK Government Report Finds Cybersecurity Skills Gap Stagnant

He Went to Prison for Crypto Crime: Now He’s an Advocate for Compliance

France’s Thales to Buy Imperva in $3.6 Billion Cybersecurity Deal

IBM: Cost of Data Breaches Reaches All-Time High of $4.5 Million in 2023

Law Firm Must Hand Over Names of Some Clients Affected by 2020 Cyberattack, Judge Says
SiegedSec Hacktivist Claims to Strike NATO and Leak Sensitive Docs

American United Life Insurance Company Confirmed Data Breach Leaked Consumers’ SSNs

Over 400,000 Corporate Credentials Stolen by Info-Stealing Malware

Decoy Dog Malware Upgraded to Include New Features

Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique

New Realst macOS Malware Steals Your Cryptocurrency Wallets

Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo

VMware Fixes Bug Exposing CF API Admin Credentials in Audit Logs

Super Admin Elevation Bug Puts 900,000 MikroTik Devices at Risk

CISA Warns Gov’t Agencies to Patch Ivanti Bug Exploited in Attacks


China Propaganda Spreads via US News Sites, Freelancers, Times Square

Cyber-Attack Strikes Norwegian Government Ministries

Lazarus Hackers Hijack Microsoft IIS Servers to Spread Malware

JumpCloud Hack Linked to North Korea After OPSEC Mistake

Clop Could Make $100m From MOVEit Campaign

Code Kept Secret for Years Reveals Its Flaw—a Backdoor

Flipper Zero Now Has Its Own App Store for iOS, Android Users

A Critical Cybersecurity Backup Plan That Too Many Companies Are Ignoring

Google Half-Patches Cloud Build Permissions Exploit, the Rest Is on You
Quinn Emanuel Reports Cyber Attack Involving ‘Limited’ Client Data

Tampa General Hospital Data Breach Impacts 1.2 Million Patients

Yamaha Confirms Cyberattack After Multiple Ransomware Gangs Claim Attacks

Italian Asset Manager Azimut Targeted by BlackCat Hackers

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

AMD Zenbleed Chip Bug Leaks Secrets Fast and Easy

Ivanti Patches MobileIron Zero-day Bug Exploited in Attacks

Apple Fixes New Zero-Day Used in Attacks Against iPhones, Macs


The Chinese Groups Accused of Hacking the U.S. and Others: STORM-0558, VOLT TYPHOON, BACKDOORDIPLOMACY, APT41, APT27

Stolen Microsoft Key May Have Opened up a Lot More Than U.S. Gov’t Email Inboxes

U.S. DoJ Announces Plan to Shakeup Cybercrime Investigations

OpenAI, Google, Others Pledge to Watermark AI Content for Safety, White House Says

Apple Threatens to Pull iMessage and FaceTime from UK Amid Surveillance Demands

Krebs: Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Banks In Attackers’ Crosshairs, Via Open Source Software Supply Chain

Russian Prosecutor Asks for 18 Years in Jail for Group-IB Founder Ilya Sachkov

Crypto Couple ‘Razzlekhan’ & Husband Appear Set to Plead Guilty in Bitcoin Hack Money Laundering Case
Clop Now Leaks Data Stolen in MOVEit Attacks on Clearweb Sites

Clop Gang to Earn Over $75 Million From MOVEit Extortion Attacks

Investigation Into Louisiana OMV Cyber Attack Discovers Much More Personal Information Was Exposed

Ransomware Attack on George County (MS) a ‘Cautionary Tale’

The Franklin Mutual Insurance Group (NJ) Notifies Victims of Recent Data Breach Following An Earlier Ransomware Attack

HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software

Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities

Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action

CISA Warns Gov’t Agencies to Patch Adobe ColdFusion Servers

CVSS 4.0 Is Here, but Prioritizing Patches Still a Hard Problem


U.S. Ambassador to China Hacked in China-Linked Spying Operation

Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector

North Korea Labyrinth Chollima (aka Lazarus) Breached JumpCloud to Target Cryptocurrency Clients

GitHub Warns of Lazarus Hackers Targeting Devs With Malicious Projects

AI Being Used for Hacking and Misinformation, Top Canadian Cyber Official Says

Half of AI Open Source Projects Reference Buggy Packages

Satellites Are Rife With Basic Security Flaws

NSA, Cyber Command Nominee Touts Support of Section 702 Renewal

Google Messages Signs Onto Cross-Platform Encrypted Group Chat Standard

Kevin Mitnick, Formerly the World’s ‘Most-Wanted’ Hacker, Has Passed Away
MOVEit Body Count Closes in on 400 Orgs, 20M+ Individuals

Eight Steps To Negotiating With Ransomware Hackers

Old Roblox Data Leak Resurfaces, 4000 Users’ Personal Information Exposed

Charter Oak (CT) Bank Website Back Online After Cyber Attack

Lancaster Orthopedic Group (PA) Breach Exposes More Than 500 Patients’ Personal, Medical Info

Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks

Zyxel Vulnerability Exploited by DDoS Botnets on Linux Systems

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks

Should You Be Using a Cybersecurity Careers Framework?


Chinese APT41 Linked to WyrmSpy and DragonEgg Surveillanceware

UK NCA: Nation States Using Cybercrime Groups as Proxies

House Committee Takes Aim at U.S. Venture Capital Firms for Investments in Chinese A.I.

Crypto Industry Faces New Pressure From Anti-Money Laundering Regulations

Critical API Security Gaps Found in Financial Services

Scam Job Offers Target University Students

Google Restricting Internet Access to Some Employees to Reduce Cyberattack Risk

Microsoft to Offer Some Free Security Products After Criticism

CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats

Tech Support Scammers Go Analog, Ask Victims to Mail Bundles of Cash

The NYPD Is Testing Drones That Broadcast Public Safety Warnings During Emergencies

Ukraine Takes Down Massive Bot Farm, Seizes 150,000 Sim Cards
Victims of Cyberattack on MOVEit File-Transfer Tool Pile Up

Estee Lauder Hit by Cyberattack, Some Business Operations Affected

BlackCat, Clop Claim 

Australia’s Fortescue Hit by Cyber Attack That Disclosed Some Network Data

Tampa General Hospital Reports Data Breach

Phoenician Medical Center, (AZ) Notifies 162,500 Patients of Recent Data Breach

OpenAI Credentials Stolen by the Thousands for Sale on the Dark Web

Home Depot Cashier Fired After Exposing Customer Info While Doing Viral NPC Trend

P2P Self-Replicating Cloud Worm Targets Redis

Microsoft: Hackers Turn Exchange Servers Into Malware Control Centers

Adobe Emergency Patch Fixes New ColdFusion Zero-Day Used in Attacks

Attorneys on Alert for Cybersecurity Threats: New York’s New CLE Training Requirement


As Many As 700,000 Turkish TikTok Accounts Were Hacked Before The Country’s Presidential Election

Major Government Hack a Wake-up Call for Agencies

The Biden Administration Is Tackling Smart Devices With a New Cybersecurity Label

CISA Orders Gov’t Agencies to Mitigate Windows and Office Zero-Days

AI Must Have Better Security, Says Top UK Cyber Official

Amazon’s In-Van Surveillance Footage of Delivery Drivers Is Leaking Online

Krebs: LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Rival U.S. Lawmakers Mobilize to Stop Police From Buying Phone Data

U.S. Blacklists Intellexa and Cytrox That Built Meta, iOS and Android Spyware

Netcraft Raises $100 Million From Spectrum Equity
Recycling Giant TOMRA Pulls Systems Offline Following ‘Extensive Cyberattack’

VirusTotal Data Leak Affects 5K+ Users

Russian Medical Lab Helix Suspends Some Services After Ransomware Attack

Potential Data Breach Could Impact Concealed Carry Permit Holders in a Custer County (CO)

Cybersecurity Firm Sophos Impersonated by New SophosEncrypt Ransomware

drIBAN Fraud Operations Target Corporate Banking Customers

FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

New Critical Citrix ADC and Gateway Flaw Exploited as Zero-Day

Google Cloud Build Bug Lets Hackers Launch Supply Chain Attacks


‘Millions’ of Sensitive U.S. Military Emails Were Reportedly Sent to Mali Due to a Typo

EU Urged to Prepare for Quantum Cyber-Attacks

JumpCloud Discloses Breach by State-Backed APT Hacking Group

Meet NoEscape: Avaddon Ransomware Gang’s Likely Successor

Acting White House Cyber Director Kemba Walden Withdraws Nomination

Health Tech Vendor NextGen Healthcare to Pay $31m After Kickback Allegations

IT Worker Jailed for Impersonating Ransomware Gang to Extort Employer

Russian Charged with Tech Smuggling and Money Laundering

Police Arrests Ukrainian Scareware Developer After 10-Year Hunt
Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting

Malicious USB Drives Targeting Global Targets with SOGU and SNOWYDRIVE Malware

Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps

Henry Ford Health Confirms Data Breach Affecting 168,000 Patients

Idea Financial Files Notice of Data Breach Impacting Over 37k Consumers

The Accreditation Commission for Education in Nursing Data Breach Affects 11,980

Adobe Warns of Critical ColdFusion RCE Bug Exploited in Attacks

Hackers Exploiting Critical WordPress WooCommerce Payments Bug

CISA Shares Free Tools to Help Secure Data in the Cloud


Microsoft Says Chinese Hackers Used Code Flaw to Steal Emails From U.S. Agencies

Chinese APT Favorite Backdoor Shadowpad Found in Pakistani Government App

Xi Jinping Calls for ‘Solid’ Security Barrier Around China’s Internet

EV Charging Networks Prepare for Cyberattacks

Krebs: SEO Expert Hired and Fired By Ashley Madison Turned on Company, Promising Revenge

Nude Videos of Kids From Hacked Baby Monitors Were Sold on Telegram

FBI Surveillance Fears Are Uniting a Badly Broken Congress

Lapsus$ Teen Hacked Uber, Revolut and Grand Theft Auto Maker, London Court Hears

BreachForums Owner Pompompurin Pleads Guilty to Hacking Charges

Genesis Market Infrastructure and Inventory Sold on Hacker Forum

London Mayor’s Office Breach: Sexual Abuse Survivor Personal Information May Have Been Accessible Online
Colorado State University Says Data Breach Impacts Students, Staff

Shutterfly Says Clop Ransomware Attack Did Not Impact Customer Data

The Discovery Channel and Shutterfly Among Cl0p’s Latest MOVEit Transfer Ransomware Victims

WordPress AIOS Plugin Used by 1M Sites Logged Plaintext Passwords

Thousands of Images on Docker Hub Leak Auth Secrets, Private Keys

Gamaredon Hackers Start Stealing Data 30 Minutes After a Breach

LokiBot Malware Targets Windows Users in Office Document Attacks

TeamTNT’s Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud

New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries

Cisco SD-WAN vManage Impacted by Unauthenticated REST API Access

Training’s New Understanding


Microsoft Under Fire After Hacks of U.S. State and Commerce Departments

Blinken Warns Chinese Counterpart

Mandiant Unveils Russian GRU’s Cyber Playbook Against Ukraine

White House Outlines ‘Roadmap’ for Cybersecurity Goals

Fake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to Malware

USB Drive Malware Attacks Spiking Again in First Half of 2023

New CVSS Version Unveiled Amid Rising Cyber Threats

Google Play Will Enforce Business Checks to Curb Malware Submissions

Celsius Feels the Heat: Ex-CEO Arrested, Watchdogs Line Up to Sue Bankrupt Crypto Biz
PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

TeamTNT’s Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign

Source Code for BlackLotus Windows UEFI Malware Leaked on GitHub

Morehead State University (KY) Hit by Cyber-Attack

WormGPT Cybercrime Tool Heralds an Era of AI Malware vs. AI Defenses

Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks

Security Flaws in Honeywell Devices Could Be Used to Disrupt Critical Industries

Zimbra Urges Admins to Manually Fix Zero-Day Exploited in Attacks


China-Based Hackers Breached U.S. Government Email Accounts, Microsoft and White House Say

How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom

Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector

Russian Hackers Lured Diplomats in Ukraine With Cheap BMW Ad

Ethical Hackers Reveal How They Use Generative AI

Ransomware Attacks Are on the Rise, Again

Ransomware, From a Different Perspective

Biden Administration Water Cybersecurity Plan Temporarily Blocked
Kent County (DE) Struggling to Respond to Cyberattack

Town of Cornelius (NC) Found Attempted Ransomware Attack

New PyLoose Linux Malware Mines Crypto Directly From Memory

Critical RCE Found in Popular Ghostscript Open-Source PDF Library

Fortinet Warns of Critical RCE Flaw in FortiOS, FortiProxy Devices

SonicWall Warns Admins to Patch Global Management System Critical Auth Bypass Bugs Immediately

Krebs: Apple & Microsoft Patch Tuesday, July 2023 Edition

GitHub Goes Passwordless, Announces Passkeys Beta Preview


South Korea, NATO to Boost Partnership on Security, Cyber Threats

Microsoft: Unpatched Office Zero-Day Exploited in NATO Summit Attacks

Lithuania Hit by Cyberattacks on NATO Summit Eve

Banks, Hotels and Hospitals Among Latest MOVEit Mass-Hack Victims

Clop Ransomware: Behind MOVEit Lies a Loud, Adaptable and Persistent Threat Group

The FCC Aims to Stop Sim Swappers With New Rules

Moroccan Charged With OpenSea NFT and Crypto Theft

Cybersecurity Professional Accused of Stealing $9M in Crypto

Top Silk Road Advisor ‘Variety Jones’ Sentenced to 20 Years in Prison
Deutsche Bank Confirms Provider Breach Exposed Customer Data

HCA Confirms Breach After Hacker Steals Data of 11 Million Patients

ZooTampa Hit by Cyber Attack, Target Unclear

D’Youville University (NY) Data Breach Leaks Student’s Social Security Numbers

SCARLETEEL Cryptojacking Campaign Exploiting AWS Fargate in Ongoing Campaign

Hackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver Signatures

Apple Confirms WebKit Security Updates Break Browsing on Some Sites

How to Apply MITRE ATT&CK to Your Organization

Cyberattacks Are a War We’ll Never Win, but We Can Defend Ourselves


RomCom Group Targets Ukraine Supporters Ahead of NATO Summit

Crimeware Group Asylum Ambuscade Ventures Into Cyber-Espionage

Central Bankers Develop Framework For Securing Digital Currencies

Social Networks Can Keep Storing EU User Data in the U.S. Under New Agreement

U.S. Seeking to Block Curbs on Government Contact With Social Media Firms

The Quiet Rise of Real-Time Crime Centers

Liberté, Égalité, Spyware: France Okays Cops Snooping on Phones

Honeywell to Buy Israeli Cybersecurity Business Scadafence

In Private Equity Crackdown, DOJ May Challenge Thoma Bravo’s Acquisition of ForgeRock

Former Employee Charged for Attacking Water Treatment Plant

Martin Lewis Shocked at Deepfake Investment Scam Ad

Amazon Prime Day Always Draws Out the Cyber Scammers

Cl0p Has Yet to Deploy Ransomware While Exploiting MOVEit Zero-Day
UK Battles Hacking Wave as BlackCat Ransomware Gang Claims ‘Biggest Ever’ NHS Breach

HCA Healthcare Patient Data Stolen and for Sale by Hackers

Hackers Steal $20 Million by Exploiting Flaw in Revolut’s Payment Systems

Razer Investigates Data Breach Claims, Resets User Sessions

Bangladesh Government Takes Down Exposed Citizens’ Data

Hayward (CA) City Website Down After Weekend Cyber Attack

Archive of Our Own (AO3) Website Suffering Massive DDoS Attacks

Gates Corporation (CO) Hit by Ransomware

Employees of Ambry Genetics and REALM IDx Affected by Vitality Group International Breach

New TOITOIN Banking Trojan Targeting Latin American Businesses

VMware Warns of Exploit Available for Critical vRealize RCE Bug

Apple Releases Emergency Update to Fix Zero-Day Exploited in Attacks

New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security


Krebs: Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

Vishing Goes High-Tech: New ‘Letscall’ Malware Employs Voice Traffic Routing

Experts Warn of Rise in Scammers Using AI to Mimic Voices of Loved Ones in Distress

How to Safely Architect AI in Your Cybersecurity Programs

Barracuda Working On Fix for Ongoing Email Gateway Login Issues
More Than 42,000 Affected by Ransomware Attack on Pro Bono The Law Foundation of Silicon Valley

NIH Federal Credit Union Notifies 14,706 Members of Data Breach

BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days

New ‘Big Head’ Ransomware Displays Fake Windows Update Alert

Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software


Apps With 1.5M Installs on Google Play Send Your Data to China

Iranian TA453 Hackers’ Sophisticated Malware Targets Windows and macOS Users

More Organizations Confirm MOVEit-Related Breaches as Hackers Claim to Publish Stolen Data

Nagoya Port Reopens Following Crippling Cyber Attack

Combining Cybersecurity and Tech Roles Helps Solve Security Challenges for Smaller Companies

Silentbob Campaign: Cloud-Native Environments Under Attack

Human Error the Leading Cause of Cloud Data Breaches

Google Searches for ‘USPS Package Tracking’ Lead to Banking Theft

Microsoft Puts Out Outlook Fire, Says ‘Everything’s Fine’ With Teams Malware Flaw

Mastodon Fixes Critical “TootRoot” Vulnerability Allowing Node Hijacking
Ongoing Incident Prompts JumpCloud to Reset API Keys

Over 130,000 Solar Energy Monitoring Systems Exposed Online

24,180 Patient Records Potentially Exposed in Mount Desert Island Hospital (ME) Data Breach

Nickelodeon Investigates Breach After Leak of ‘Decades Old’ Data

Experts Warn of Impending TeamTNT Docker Attacks

CISA: Netwrix Auditor RCE Bug Exploited in Truebot Malware Attacks

Cisco Enterprise Switch Flaw Exposes Encrypted Traffic

Unpatched SolarView Systems Vulnerable to Exploits

Researchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation Vulnerability

Android July Security Updates Fix Three Actively Exploited Bugs


U.S. Spies Can Buy Americans’ Private Data: Congress Has a Chance to Stop It

EV Charger Hacking Poses a ‘Catastrophic’ Risk

3 Critical RCE Bugs Threaten Industrial Solar Panels, Endangering Grid Systems

Ransomware Criminals Are Dumping Kids’ Private Files Online After School Hacks

Sophisticated Email Attacks Target Cryptocurrency Wallets

Aura Sells Cybersecurity to Regular People

Suspected Bank-Infecting OPERA1ER Crime Boss Cuffed

Instagram’s Twitter Alternative ‘Threads’ Launch Halted in Europe Over Privacy Concerns
Japan’s Nagoya Port Faces Disruption After Ransomware Attack

Russian Railway Site RZD Allegedly Taken Down by Ukrainian Hackers

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

New Tool Exploits Microsoft Teams Bug to Send Malware to Users

RAM-Ramming Rowhammer Is Back – To Uniquely Fingerprint Devices

High-Severity Flaws Fixed in Firefox 115 Update


U.S. Looks to Restrict China’s Access to Cloud Computing to Protect Advanced Technology

EU and Japan Look to Partner on A.I. And Chips as China ‘De-risking’ Strategy Continues

Chinese Threat Actors Target Europe in SmugX Campaign

U.S. Judge Restricts Biden Officials From Contact With Social Media Firms

Swedish Data Protection Authority Warns Companies Against Google Analytics Use

Microsoft Denies Major 30 Million Customer-Breach

Report Reveals Companies Unprepared For Darknet Data Leaks

Biotech CEO Gets Hands-On After Cyberattack to Protect Business

Krebs: Who’s Behind the DomainNetworks Snail Mail Scam?

International Police Operation Dismantles Phone Scam Network
DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors

Israel Aided UAE in Defending Against DDoS Attack Earlier This Year

Dublin Airport Staff Pay Data ‘Compromised’ by Criminals

Nebraska Judicial Branch Reports No Loss of Data in Hack

Murfreesboro Medical Clinic & SurgiCenter (TN) Ransomware Attack Affect 559,000

Meduza Stealer Targets Windows Users With Advanced Tactics

Mexican Hacker ‘Neo_Net’ Unleashes Android Malware on Global Banks

330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw

CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices


Switzerland’s Security Report: Impact of Russia–Ukraine Conflict

CISA Issues DDoS Warning After Attacks Hit Multiple U.S. Orgs

The TSA Will Use Facial Recognition in Over 400 Airports

Sam Altman’s Worldcoin Integrates With Identity Management Software Okta as It Pushes Into Germany

Krebs: Russian Cybersecurity Executive Nikita Kislitsin Arrested for Alleged Role in 2012 Megahacks

Free Akira Ransomware Decryptor Helps Recover Your Files

Snappy: A Tool to Detect Rogue WiFi Access Points on Open Networks

WhatsApp Upgrades Proxy Feature Against Internet Shutdowns

Twitter’s Bot Spam Keeps Getting Worse — It’s About Porn This Time

Cops Told: Er, No, You Need a Wiretap Order if You Want Real-Time Facebook Snooping
Chipmaker TSMC Says Supplier Targeted in Cyberattack

LockBit Claims TSMC Hack, Demands $70m Ransom

TSCM Denies LockBit Hack as Ransomware Gang Demands $70 Million

DeFi Platform Poly Network Hacked, Hackers Issue Millions of Tokens on Metis, Polygon and BSC

Henrietta Johnson Medical Center (DE) Notifies Patients of Data Breach, Potential Exposure

Ransomware Attack Hits Lebanon School District (NH)

BlackCat Ransomware Pushes Cobalt Strike via WinSCP Search Ads

Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

Apple, Google, and MOVEit Just Patched Serious Security Flaws