Short-term extension of expiring cyber information-sharing law could be on the table
With time running short before expiration of a cyber information-sharing law highly valued by the private sector, Congress is taking a look at the possibility…
Month: June 2025
Hackers turn ScreenConnect into malware using Authenticode stuffing
Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the client’s Authenticode signature. ConnectWise ScreenConnect is…
‘They’re Not Breathing’: Inside the Chaos of ICE Detention Center 911 Calls
During visits in recent months, Emelie says her husband, who was detained at Stewart until he was deported last month, described severe overcrowding. “He told…
BreachForums Is DEAD — Cybercrime’s Biggest Empire Just Got Crushed!
A coordinated law enforcement operation in France has resulted in the arrest of key figures behind BreachForums, one of the most active and influential marketplaces…
North Korean Hackers Pose as Recruiters, Target Developers with 35 New Malicious npm Packages
A new cyber campaign orchestrated by North Korean threat actors has been exposed by the Socket Threat Research Team, revealing a sophisticated supply chain attack…
Fraud victims among top crypto ATM users
Australia’s financial crimes monitoring agency said that it has identified 90 scam victims, money mules and suspected offenders as the top crypto ATM users in…
Many data brokers aren’t registering across state lines, privacy groups say
Hundreds of companies registered as data brokers in one U.S. state are not recognized as such in other states with similar disclosure laws, according to…
Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests
A zero-day research project has uncovered eight new vulnerabilities in multifunction printers (MFPs) and related devices from Brother Industries, Ltd., affecting a staggering 748 models…
Facial recognition: Where and how you can opt out
Our remote team recently took a trip to our Estonian office. When we arrived from our various destinations, we started chatting about how our travel…
Sportsbet recruits ‘security champions’ in shift-left strategy
Sportsbet has stood up a ‘security champions’ program, recruiting 42 senior staff to act as security ambassadors, asking questions of project teams and performing threat…
Citrix users hit by actively exploited zero-day vulnerability
Citrix on Wednesday disclosed an actively exploited zero-day vulnerability affecting multiple versions of NetScaler products, an alarming development from a vendor that’s been widely targeted…
Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks
A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors to compromise organizations within the…