Russian-linked cyber espionage group UNC5812 has been targeting Ukrainian military conscripts with Windows and Android malware in a sophisticated campaign. Disguised as recruitment avoidance tools, the malware has been distributed via a Telegram channel named “Civil Defense” and a website
Kaspersky’s Global Research and Analysis Team (GReAT) uncovered a critical Google Chrome zero-day vulnerability, tracked as CVE-2024-4947, that was being exploited by the North Korean Lazarus hacking group. The attackers used a fake decentralized finance (DeFi) game called DeTankZone to target
APT41, a Chinese state-sponsored hacking group, has targeted the gambling and gaming industry in a sophisticated cyberattack. The attack spanned several months and saw hackers collect sensitive data from their victims’ infrastructure, including network configurations and passwords. APT41, also
An ongoing malware campaign has compromised over 6,000 WordPress sites, installing malicious plugins that push infostealing malware. The campaign, known as ClearFake, began in 2023 and tricks users into installing malware through fake browser error messages. As reported by BleepingComputer, the
Iranian hackers have been actively targeting critical infrastructure sectors worldwide. They have been breaching such networks and then selling access to other cybercriminals. A joint advisory from US, Canadian, and Australian cybersecurity agencies highlights that the hackers have focused on
Recently I discovered and shared with vpnMentor about 15 unprotected and publicly exposed databases. They contained 4.6 million records, including sensitive Illinois voter information. Now that the dust has settled and as the US election nears, I wanted to reflect on the potential vulnerabilities
Discord, the popular messaging platform primarily used by gaming communities, has now been blocked in both Russia and Turkey. The bans come as part of these governments’ broader efforts to tighten control over digital platforms, with the authorities citing concerns over illegal content. Millions of
FIN7, a notorious Russian hacking group, is using fake AI nude image generator websites to distribute malware, targeting individuals and potentially businesses. According to research from Silent Push, the campaign relies on the popularity of deepfake technology to lure users into downloading
Ireland’s Data Protection Commission (DPC) has fined Meta €91 million for storing millions of user passwords in plaintext. The issue prompted a regulatory investigation into Meta’s adherence to the General Data Protection Regulation (GDPR). Meta found in January 2019 that it had maintained
University Medical Center (UMC) Health System in Lubbock, Texas, is dealing with the aftermath of a ransomware attack that crippled its IT infrastructure and forced the diversion of patients to other healthcare facilities. The breach, which occurred late last week, impacted key operations,