Trello API abused to link email addresses to 15 million accounts
An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles...
Read more →Category: Bleeping Computer
Exploit released for Fortra GoAnywhere MFT auth bypass bug
Exploit code is now available for a critical authentication bypass vulnerability in Fortra’s GoAnywhere MFT (Managed File Transfer) software that...
Read more →
Water services giant Veolia North America hit by ransomware attack
Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water...
Read more →
X adds passkeys support for iOS users in the United States
X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys....
Read more →
Windows 10 KB5034203 preview update adds EU DMA compliance
Microsoft has released the January 2024 preview update for Windows 10, version 22H2, which adds Digital Markets Act (DMA) compliance...
Read more →
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows...
Read more →
Jason’s Deli says customer data exposed in credential stuffing attack
Jason’s Deli is warning of a data breach in notifications sent to customers of its online platform stating that their...
Read more →
Australia sanctions REvil hacker behind Medibank data breach
The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack...
Read more →
loanDepot cyberattack causes data breach for 16.6 million people
Mortgage lender loanDepot says that approximately 16.6 million people had their personal information stolen in a ransomware attack disclosed earlier...
Read more →
VPN appliances vulnerable if pushing configs after mitigation
Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable...
Read more →
FTC orders Intuit to stop pushing “free” software that isn’t really free
Today, the U.S. Federal Trade Commission (FTC) ordered Intuit to stop promoting its software products and services as “free” unless...
Read more →
SEC confirms X account was hacked in SIM swapping attack
The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the...
Read more →