Security

Dozens of Italian websites targeted by Russian hackers

According to Italy’s national cybersecurity agency ACN, approximately twenty Italian websites have been targeted by pro-Russian hackers.
Read more about Dozens of Italian websites targeted by Russian hackers

Cybercriminals are stealing AI power, and you might be the one paying for it

Attackers are using large language models (LLMs) in so-called LLM hijacking exploits, passing the cost of cloud bills onto companies and individuals.
Read more about Cybercriminals are stealing AI power, and you might be the one paying for it

Hackers infect websites of a major Lithuanian food company Vičiūnai Group

Websites belonging to UAB Vičiūnų grupė, one of the largest food producers in Lithuania, contain a malicious loader capable of infecting user devices.
Read more about Hackers infect websites of a major Lithuanian food company Vičiūnai Group

Spy becomes cybercriminal in curious ransomware incident

A China-linked espionage actor may be moonlighting as a ransomware attacker, raising questions about their motives.
Read more about Spy becomes cybercriminal in curious ransomware incident

Three days later, DOGE site remains defaced: experts point at cybersecurity violations

Cyber pros argue that the new Elon Musk-led department might have breached federal cybersecurity laws. The community is discovering new defaced pages on DOGE.gov that remain accessible three days after the breach was widely announced.
Read more about Three days later, DOGE site remains defaced: experts point at cybersecurity violations

Protecting yourself from ransomware: a comprehensive guide to prevention and mitigation

Ransomware is one of the most profitable and rapidly growing cybercrimes of the past decade. This type of malware encrypts...
Read more about Protecting yourself from ransomware: a comprehensive guide to prevention and mitigation

The most dangerous malware right now: Anubis will drain your banking apps

The number one threat for Android users is the versatile banking trojan Anubis. PC users should be the most fearful of FakeUpdates malware disseminated by Russian hackers.
Read more about The most dangerous malware right now: Anubis will drain your banking apps

I wanted to keep my TP-Link router but security pros roasted me

Like most Americans, I have a TP-Link router at home and am contemplating what to do with it. The company is under scrutiny for potential backdoors, and authorities are considering it as the next potential target for a ban. Is replacing the TP-Link router really the only option?
Read more about I wanted to keep my TP-Link router but security pros roasted me

Cutbacks bite back as hackers play with Musk's DOGE site

Musk’s DOGE efforts to lower federal expenses may be a victim of its own quest for efficiency, with lax cybersecurity practices allowing anyone to access the government’s newly created website.
Read more about Cutbacks bite back as hackers play with Musk's DOGE site

Russian hackers launch new attack vector: joining a meeting can compromise your account

Russian threat actors have launched another successful hacking campaign. Targeted users receive fake meeting invitations to WhatsApp, Signal, or Teams and allow attackers into their accounts when attempting to log in.
Read more about Russian hackers launch new attack vector: joining a meeting can compromise your account

Russian-backed Seashell Blizzard relies on "BadPilot" subgroup for initial exploits, researchers say

Microsoft researchers uncover the “BadPilot campaign,” a threat subgroup working behind the scenes to support the Krelmin-backed hacking cartel Seashell Blizzard, responsible for years of persistent attacks on high-value targets worldwide.
Read more about Russian-backed Seashell Blizzard relies on "BadPilot" subgroup for initial exploits, researchers say

Unguarded database spills 440M personal records

An exposed instance with an unknown owner has revealed copious amounts of records from multiple Middle Eastern nations.
Read more about Unguarded database spills 440M personal records

Researchers get $10K for disclosure of YouTube flaw that exposed billions of user emails

There were no truly private accounts on YouTube until recently. Security researchers demonstrated that any email behind an account could be pulled from Google using a relatively simple exploit. Google has patched the flaw and awarded researchers a $10,633 bounty.
Read more about Researchers get $10K for disclosure of YouTube flaw that exposed billions of user emails

International travelers targeted in immigration-themed phishing campaign

A sophisticated phishing campaign that first targeted travelers heading to Singapore has expanded to exploit those traveling to other nations, including the United Kingdom and Malaysia.
Read more about International travelers targeted in immigration-themed phishing campaign

Heartbreak hackers: Valentine’s day scams on the rise

With a love rush ahead, Valentine’s Day brings more than just romance. Cybersecurity experts are warning about a rise in phishing scams.
Read more about Heartbreak hackers: Valentine’s day scams on the rise

North Korean hackers Kimsuky exploiting the oldest critical vulnerability – the user

North Korean hackers have joined the cyberattack bandwagon, asking users to copy and paste malicious code into PowerShell.
Read more about North Korean hackers Kimsuky exploiting the oldest critical vulnerability – the user

Warning: fake Etsy invoices sent via legitimate domains

Emails with fake invoices are using a legitimate Etsy domain, making it more difficult to detect scams.
Read more about Warning: fake Etsy invoices sent via legitimate domains

Fewer than one in three Chrome users have ‘Enhanced Security’ enabled

Google said that over a billion Chrome users are using Enhanced Protection mode, which provides real-time AI-powered protection against dangerous online content. However, this means that almost 2.5 billion other Chrome users haven't enabled the feature.
Read more about Fewer than one in three Chrome users have ‘Enhanced Security’ enabled