Former IT staff gets 2.5 years for wiping 180 virtual servers
A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison...
Read more →Category: Bleeping Computer
Scattered Spider hackers switch focus to cloud apps for data theft
The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines....
Read more →
Insurance giant Globe Life investigating web portal breach
American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of...
Read more →
Microsoft delays Windows Recall amid privacy and security concerns
Microsoft is delaying the release of its AI-powered Windows Recall feature to test and secure it further before releasing it...
Read more →
Truist Bank confirms breach after stolen data shows up on hacking forum
Leading U.S. commercial bank Truist confirmed its systems were breached in an October 2023 cyberattack after a threat actor posted...
Read more →
Ascension hacked after employee downloaded malicious file
IMAGE: MIDJOURNEY Ascension, one of the largest U.S. healthcare systems, revealed that a May 2024 ransomware attack was caused by...
Read more →
New York Times warns freelancers of GitHub repo data breach
The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and...
Read more →
Panera warns of employee data breach after March ransomware attack
U.S. food chain giant Panera Bread is notifying employees of a data breach after unknown threat actors stole their sensitive personal...
Read more →
Toronto District School Board hit by a ransomware attack
The Toronto District School Board (TDSB) is warning that it suffered a ransomware attack on its software testing environment and...
Read more →
Google patches exploited Android zero-day on Pixel devices
Update June 13, 13:01 EDT: GrapheneOS says CVE-2024-32896 is the same as CVE-2024-29748. Google added a new CVE ID to track the...
Read more →
Exploit for Veeam Recovery Orchestrator auth bypass available, patch now
A proof-of-concept (PoC) exploit for a critical Veeam Recovery Orchestrator authentication bypass vulnerability tracked as CVE-2024-29855 has been released, elevating the...
Read more →
YouTube tests harder-to-block server-side ad injection in videos
YouTube reportedly now injects ads directly into video streams to make it more difficult for ad blockers to block advertisements....
Read more →