Current News
In a significant cybersecurity incident, nearly a million users have become victims of a sweeping data breach reported in October 2023. This incident has specifically affected users who had their personal information compromised, raising concerns about privacy and data protection.
The Breach Uncov...
Cisco, a leading provider of networking hardware and software, has issued an emergency update for its AnyConnect VPN tool. This update, released globally, comes in response to critical vulnerabilities that were actively being exploited by malicious actors. Users worldwide are urged to implement the...
On August 31, 2018, an intriguing report emerged from the cybersecurity community about a vulnerability identified by Frans Rosén. The report detailed a Remote Code Execution (RCE) exploit through ImageMagick discovered within the services of Semrush, a prominent SaaS provider specializing in search...
In 2024, the Cloud Security Alliance reported major threats in cloud computing environments, highlighting misconfigurations, inadequate change control, and issues in Identity and Access Management (IAM) as pressing security challenges. To address these, HackerOne has developed a Pentest as a Service...
In an effort to address the evolving landscape of cybercrime, German authorities have drafted a new law targeting computer-related offenses. The working draft, often referred to as the 'Hacker Paragraph,' was made public recently to invite discussion and transparency. This release follows an increas...
In a significant enforcement action by the U.S. Securities and Exchange Commission (SEC), several IT firms have been fined for allegedly minimizing the severity of security breaches linked to SolarWinds Orion. This move comes as the SEC aims to deter companies from misleading shareholders about cybe...
In a disturbing development, millions of customers of Hot Topic, a retail chain known for alternative fashion, have found themselves victims of a data breach orchestrated by a hacker self-identified as 'Satanic'. This alarming incident underscores the ongoing vulnerabilities faced by businesses and...
In recent developments, a security gap within the United Nations Trust Fund to End Violence Against Women exposed more than 115,000 files online, including sensitive personal information. This exposure occurred due to a database lacking password protections, leaving information from partner organiza...
In today's fast-evolving digital landscape, the issue of cybersecurity has never been more prevalent. The question posed by experts is whether the cybersecurity industry can prevent repeating past failures. With incidents like the infamous WannaCry attack, it is clear that relying on the traditional...
In a proactive measure to address emerging cybersecurity concerns, Cisco temporarily dismantled its developer hub after indications of data theft surfaced. This strategic decision unfolded as reports suggested unauthorized access to sensitive information, casting a shadow over the tech giant's secur...
Nidec Corporation, a Japanese manufacturer known for its precision motors, recently fell victim to a cyberattack when ransomware was used to compromise its systems. The incident was uncovered in October 2023, impacting several of its facilities worldwide. Despite the severe implications, Nidec chose...
On October 15, the Internet Archive, known for its Wayback Machine, confirmed a data breach amid ongoing Distributed Denial-of-Service (DDoS) attacks that have left the platform vulnerable. The breach exposed 31 million users, compromising sensitive information, while hackers began responding to sup...
In October 2024, the Internet Archive, the world's largest digital library, faced a significant cybersecurity breach. This non-profit organization, known for preserving vast amounts of digital content and making it accessible to the public, was attacked by hackers. Although the institution holds a c...
In a significant move on the tech landscape, the former Chief Information Security Officer (CISO) of Palantir, Dane Stuckey, has joined OpenAI. This transition, announced in October 2023, sees Stuckey taking charge of AI model and system security at OpenAI. While Matt Knight remains the Head of Secu...
Recent discoveries have uncovered significant security vulnerabilities in antivirus software from Bitdefender and Trend Micro, potentially endangering systems worldwide. These vulnerabilities were identified during an examination of the software’s security features and highlight the necessity for ti...
We are excited to share the latest updates from Microsoft concerning the recent security review for Microsoft Edge, version 130. This review has inspected the settings accompanying the new version released in early November 2023.
The review concluded that there are no additional security settings...
A recent discovery has unveiled a critical security vulnerability in certain Kubernetes Image Builders, which can create virtual machine (VM) images with static default credentials. This flaw exposes systems to potential root-level attacks, allowing adversaries a significant level of control over co...
In today's fast-paced technological landscape, the challenge lies in seamlessly integrating robust security measures without hindering the speed of application development. Organizations must strike a delicate balance between ensuring security and maintaining rapid development cycles to remain compe...
In a striking development within the cyber community, Chinese cybersecurity experts have raised serious concerns regarding the integrity of Intel's CPU hardware. These professionals allege that for more than a decade, Intel has been complicit in installing backdoors in its processors at the behest o...
Cybersecurity researchers have discovered a new attack vector targeting macOS Sequoia users. This innovative method exploits Apple's security changes by guiding users to drop malicious code into the Terminal, bypassing traditional Gatekeeper prompts.
What is Gatekeeper?
Gatekeeper is a crucial s...