Ukraine says hackers abuse SyncThing data sync tool to steal data
The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed “SickSync,” launched by the UAC-0020 (Vermin) hacking group in attacks on…
Category: Bleeping Computer
New Gitloker attacks wipe GitHub repos in extortion scheme
Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information. These attacks are part of…
New Fog ransomware targets US education sector via breached VPNs
A new ransomware operation named ‘Fog’ launched in early May 2024, using compromised VPN credentials to breach the networks of educational organizations in the U.S.…
PandaBuy pays ransom to hacker only to get extorted again
Chinese shopping platform Pandabuy told BleepingComputer it previously paid a a ransom demand to prevent stolen data from being leaked, only for the same threat…
Advance Auto Parts stolen data for sale after Snowflake attack
Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company’s Snowflake…
FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out
The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they…
Linux version of TargetCompany ransomware focuses on VMware ESXi
Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads.…
Google Chrome reduced cookie requests to improve performance
Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms. In…
Club Penguin fans breached Disney Confluence server, stole 2.5GB of data
Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal…
Check-in terminals used by thousands of hotels leak guest info
Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests’ personal information and…
Chinese hacking groups team up in cyber espionage campaign
Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace. According to…
Qilin ransomware gang linked to attack on London hospitals
A ransomware attack that hit pathology services provider Synnovis on Monday and impacted several major NHS hospitals in London has now been linked to the…