Atlassian data leak caused by stolen employee credentials
2/17/23: Story and title updated to reflect new statements from both companies. Atlassian suffered a data leak after threat actors used stolen employee credentials to…
Category: Bleeping Computer
Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb
Cybersecurity solutions company Fortinet has released security updates for its FortiNAC and FortiWeb products, addressing two critical-severity vulnerabilities that may allow unauthenticated attackers to perform arbitrary…
Norwegian police recover $5.8M crypto from massive Axie Infinity hack
Norwegian police (Økokrim) have seized 60 million kroner ($5,800,000) worth of cryptocurrency stolen by the North Korean Lazarus hacking group last year from Axie Infinity’s…
Europol busts ‘CEO fraud’ gang that stole €38M in a few days
Europol has dismantled a Franco-Israeli ‘CEO fraud’ group that employed business email compromise (BEC) attacks to divert payments from organizations to bank accounts under the…
Hackers stole source code, installed malware in multi-year breach
Web hosting giant GoDaddy says unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment. While…
Bing Chat’s secret modes turn it into a personal assistant or friend
Bing’s new AI chat has secret chat modes that can be used to change the AI bot into a personal assistant, a friend to help…
FBI is investigating a cybersecurity incident on its network
The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network. The federal law enforcement agency says it already…
Atlassian says recent data leak stems from third-party vendor hack
Atlassian has confirmed that a breach at a third-party vendor caused a recent leak of company data and that their network and customer information is…
CISA warns of Windows and iOS bugs exploited as zero-days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four security vulnerabilities exploited in attacks as zero-day to its list of bugs known to…
Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack
A new malware dubbed ‘ProxyShellMiner’ exploits the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners throughout a Windows domain to generate profit for the attackers.…
New Mirai malware variant infects Linux devices to build DDoS botnet
A new Mirai botnet variant tracked as ‘V3G4’ targets 13 vulnerabilities in Linux-based servers and IoT devices to use in DDoS (distributed denial of service)…
Scandinavian Airlines says cyberattack caused passenger data leak
Scandinavian Airlines (SAS) has posted a notice warning passengers that a recent multi-hour outage of its website and mobile app was caused by a cyberattack…