New Latrodectus malware attacks use Microsoft, Cloudflare themes
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security…
Category: Bleeping Computer
Data of over 25,000 people stolen in 2023 breach
Daily newspaper Philadelphia Inquirer revealed that attackers behind a May 2023 security breach have stolen the personal and financial information of 25,549 individuals. The Inquirer…
Google now pays up to $450,000 for RCE bugs in some Android apps
Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward…
R language flaw allows code execution via RDS/RDX files
A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming…
Millions of Docker repos found pushing malware, phishing sites
Three large-scale campaigns targeted Docker Hub users, planting millions of repositories that pushed malware and phishing sites since early 2021. As JFrog security researchers found, around…
New Wpeeper Android malware hides behind hacked WordPress sites
A new Android backdoor malware named ‘Wpeeper’ has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party…
Change Healthcare hacked using stolen Citrix account with no MFA
UnitedHealth confirms that Change Healthcare’s network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company’s Citrix remote access service, which…
Collection agency FBCS warns data breach impacts 1.9 million people
Financial Business and Consumer Solutions (FBCS) is warning 1,955,385 impacted individuals in the United States that the company suffered a data breach after discovering unauthorized…
Muddling Meerkat hackers manipulate DNS using China’s Great Firewall
A new cluster of activity tracked as “Muddling Meerkat” is believed to be linked to a Chinese state-sponsored threat actor’s manipulation of DNS to probe networks…
FCC fines carriers $200 million for illegally sharing user location
The Federal Communications Commission (FCC) has fined the largest U.S. wireless carriers almost $200 million for sharing their customers’ real-time location data without their consent. FCC’s forfeiture orders finalize…
FBI warns of fake verification schemes targeting dating app users
Image: Midjourney The FBI is warning of fake verification schemes promoted by fraudsters on online dating platforms that lead to costly recurring subscription charges. The public service announcement explains…
London Drugs pharmacy chain closes stores after cyberattack
Canadian pharmacy chain London Drugs has closed all its retail stores to contain what it described as a “cybersecurity incident.” The company has also hired…