Nearly 12,000 API keys and passwords found in AI training dataset
Close to 12,000 valid secrets that include API keys and passwords have been found in the Common Crawl dataset used for training multiple artificial intelligence…
Month: March 2025
HiveOS Vulnerabilities Let Attackers Execute Arbitrary Commands
Security researchers have uncovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and execute…
Hackers Abused Google and PayPal’s Infrastructure to Steal Users Personal Data
Cybersecurity researchers have uncovered a sophisticated phishing campaign leveraging Google Ads and PayPal’s infrastructure to deceive users and steal sensitive personal data. The attackers exploited…
U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices
Mar 03, 2025Ravie LakshmananData Privacy / Compliance The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to…
CMA urged to expedite proposed ‘targeted interventions’ against AWS and Microsoft
Amazon Web Services (AWS) has hit out at the UK competition watchdog for presenting “no credible evidence” to support its claims the public cloud giant’s…
Microsoft links recent Microsoft 365 outage to buggy update
Microsoft says a coding issue is behind a now-resolved Microsoft 365 outage over the weekend that affected Outlook and Exchange Online authentication. According to an…
North Korean IT Workers Using Astrill VPN To Hide Their IPs
Cybersecurity firm Silent Push have confirmed recently that North Korean IT workers continue to utilize Astrill VPN services to hide their true IP addresses when…
U.S. Suspends Cyberattacks Against Russia
The United States has suspended offensive cyber operations against Russia under an order issued by Defense Secretary Pete Hegseth, according to multiple confirmed reports. The…
New Malware Campaign Exploits Microsoft Graph API to Infect Windows
A new cyberattack campaign discovered by FortiGuard Labs, Fortinet’s threat intelligence and research unit, leverages a combination of social engineering, multi-stage malware, and the manipulation…
TikTok: Major investigation launched into platform’s use of children’s data
TikTok is the subject of yet another major investigation, reports BBC News. This time around, the UK’s Information Commissioner’s Office (ICO) is going to look…
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites
Mar 03, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source…
New Poco RAT Via Weaponized PDF Attacking Users to Capture Sensitive Data
A new variant of malware, dubbed “Poco RAT,” has emerged as a potent espionage tool in a campaign targeting Spanish-speaking users in Latin America. Security…