A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the public internet. The attacks, observed by Arctic Wolf between November and…
A critical flaw in Google’s “Sign in with Google” authentication system has left millions of Americans vulnerable to potential data theft. This vulnerability mainly affects…
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could…
To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new step-by-step guide designed to help…
Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that is impacting some Microsoft 365 (M365) users. The problem, which surfaced…
Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe to run malicious binaries and…
Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains, creating a high degree of…
The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people. The breach, which has been attributed…
A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498. This vulnerability poses a significant security risk by…
A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches. The vulnerability, tracked as CVE-2024-51456, could allow remote attackers to…
Malware actors leverage popular platforms like YouTube and social media to distribute fake installers. Reputable file hosting services are abused to host malware and make…
Researchers analyzed a new stealthy credit card skimmer that targets WordPress checkout pages by injecting malicious JavaScript into the WordPress database. On checkout pages, the…
