HubSpot phishing targets 20,000 Microsoft Azure accounts
A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK is abusing HubSpot to steal Microsoft Azure account credentials. The…
Category: Bleeping Computer
CISA urges switch to Signal-like encrypted messaging apps after telecom hacks
Today, CISA urged senior government and political officials to switch to end-to-end encrypted messaging apps like Signal following a wave of telecom breaches across dozens…
Malicious Microsoft VSCode extensions target devs, crypto community
Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply…
Recorded Future CEO applauds “undesirable” designation by Russia
Recorded Future, an American threat intelligence company, has become the first cybersecurity firm designated by the Russian government as an “undesirable” organization. The Russian authorities effectively…
Interpol replaces dehumanizing “Pig Butchering” term with “Romance Baiting”
Interpol calls on the cybersecurity community, law enforcement, and the media to stop using the term “Pig Butchering” when referring to online relationship and investment…
New fake Ledger data breach emails try to steal crypto wallets
A new Ledger phishing campaign is underway that pretends to be a data breach notification asking you to verify your recovery phrase, which is then…
NVIDIA shares fix for game performance issues with new NVIDIA App
Nvidia has shared a temporary fix for a known issue impacting systems running its recently unveiled NVIDIA App and causing gaming performance to drop by…
‘Bitter’ cyberspies target defense orgs with new MiyaRAT malware
A cyberespionage threat group known as ‘Bitter’ was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. MiyaRAT is used alongside…
CISA orders federal agencies to secure Microsoft 365 tenants
CISA has issued this year’s first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their cloud environments by implementing a list of…
New critical Apache Struts flaw exploited to find vulnerable servers
A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. Apache Struts is…
Might need a mass password reset one day? Read this first.
A common adage among cybersecurity professionals is that when it comes to cyber-attacks, it’s not a matter of if but when. Despite this certainty, organizations are often caught…
Ireland fines Meta $264 million over 2018 Facebook data breach
The Irish Data Protection Commission (DPC) fined Meta €251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach…