Ivanti warns of another critical CSA flaw exploited in attacks
Image: MidjourneyToday, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked…
Category: Bleeping Computer
Google Password Manager now automatically syncs your passkeys
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users.…
FTC exposes massive surveillance of kids, teens by social media giants
A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children…
Mysterious “LOVE” packet storms flood the internet since 2020
Internet intelligence firm GreyNoise reports that it has been tracking large waves of “Noise Storms” containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has…
Clever ‘GitHub Scanner’ campaign abusing repos to push malware
A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications…
4 Top Security Automation Use Cases: A Detailed Guide
With Gartner recently declaring that SOAR (security orchestration, automation, and response) is being phased out in favor of generative AI-based solutions, this article will explore…
Discord rolls out end-to-end encryption for audio, video calls
Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interceptions.…
Russian security firm Dr.Web disconnects all servers after breach
On Tuesday, Russian anti-malware company Doctor Web (Dr.Web) disclosed a security breach after its systems were targeted in a cyberattack over the weekend. Dr.Web disconnected…
Europol takes down “Ghost” encrypted messaging platform used for crime
Europol and law enforcement from nine countries successfully dismantled an encrypted communications platform called “Ghost,” which was used by organized crime such as drug trafficking and…
Vanilla Tempest hackers hit healthcare with INC ransomware
Image: MidjourneyMicrosoft says a ransomware affiliate it tracks as Vanilla Tempest now targets U.S. healthcare organizations in INC ransomware attacks. INC Ransom is a ransomware-as-a-service…
X hacking spree fuels “$HACKED” crypto token pump-and-dump
An X account hacking spree has fueled a successful pump-and-dump scheme for the $HACKED Solana token, with people rushing to buy the coin. The hacked…
GitLab releases fix for critical SAML authentication bypass flaw
GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition…