Fake OnlyFans cybercrime tool infects hackers with malware
Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat...
Read more →Category: Bleeping Computer
Planned Parenthood confirms cyberattack as RansomHub claims breach
Planned Parenthood has confirmed it suffered a cyberattack affecting its IT systems, forcing it to take parts of its infrastructure...
Read more →
Red team tool ‘MacroPack’ abused in attacks to deploy Brute Ratel
The MacroPack framework, initially designed for Red Team exercises, is being abused by threat actors to deploy malicious payloads, including...
Read more →
Microchip Technology confirms data was stolen in cyberattack
American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack,...
Read more →
US cracks down on Russian disinformation before 2024 election
Image: MidjourneyToday, the U.S. Justice Department said the FBI seized 32 web domains used by the Doppelgänger Russian-linked influence operation...
Read more →
Cisco warns of backdoor admin account in Smart Licensing Utility
Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into...
Read more →
Cisco fixes root escalation vulnerability with public exploit code
Cisco has fixed a command injection vulnerability with public exploit code that lets attackers escalate privileges to root on vulnerable...
Read more →
New Eucleak attack lets threat actors clone YubiKey FIDO keys
A new “EUCLEAK” flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico’s YubiKey 5 Series, allows attackers...
Read more →
Hackers inject malicious JS in Cisco store to steal credit cards, credentials
Cisco’s site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code...
Read more →
Google backports fix for Pixel EoP flaw to other Android devices
Google has released the September 2024 Android security updates to fix 34 vulnerabilities, including CVE-2024-32896, an actively exploited elevation of...
Read more →
Criminal IP Earns PCI DSS v4.0 Certification for Top-Level Security
AI SPERA, a leading Cyber Threat Intelligence (CTI) company, has achieved PCI DSS v4.0 certification for its flagship search engine...
Read more →
Revival Hijack supply-chain attack threatens 22,000 PyPI packages
Threat actors are utilizing an attack called “Revival Hijack,” where they register new PyPi projects using the names of previously...
Read more →