Security
SECURITY
Fraudsters are impersonating FBI 'IC3' employees to steal your financial information
SECURITY
Samsung phone is saving your passwords in plain text

Critical security flaw affects Asus AiCloud routers, urgent update required
by  Ernestas Naprys
Hackers can craft a request, send it to the Asus router, and execute functions without authorization. Due to this critical vulnerability, bearing a score of 9.2 out of 10, the company is urging users to update the firmware of Asus routers running AiCloud.
Read more
router_0216

“Vote for me” scam turns into chain reaction of stolen Facebook, X accounts
by  Ernestas Naprys
Is a friend asking you to vote for them on Facebook? It’s a scam that starts a chain reaction. Many people have already fallen victim.
Read more
A phone with social media apps, under a colorful scrutiny.

6M users at risk: 58 Chrome extensions discovered containing secret tracking code
by  Ernestas Naprys
Dozens of Chrome extensions, many of them featured on the Chrome Web Store but also hidden and not indexed by search engines, contain secret functionality to track users, a security researcher has discovered.
Read more
Chrome extensions after Manifest version 3

CISA recommends password reset after potential Oracle data breach
by  Anton Mous
The Cybersecurity and Infrastructure Security Agency (CISA) is suggesting that organizations that have been affected by a potential data breach at Oracle’s Cloud Infrastructure reset passwords to minimize the risk associated with credential compromise.
Read more
Oracle cloud bug allowed accessing other users’ virtual disks

Screw gov’t funding, we’re going nonprofit, CVE Board declares after database debacle
by  Stefanie Schappert
Citing global security for all, CVE board members have announced the creation of a new nonprofit CVE Foundation, aimed at taking the onus for funding the critical vulnerability database program out of government hands.
Read more
CVE Foundation logo

Fake jobs, tolls, and deliveries text cost Americans half a billion
by  Paulina Okunytė
Text scams are raking in millions. And they're no longer just a minor annoyance – they’re looting Americans' accounts.
Read more
Phishing message on phone

Stop & Shop, Albert Heijn, Food Lion: Ransomware gang targets grocery heavyweights
by  Paulina Okunytė
Ahold Delhaize, the €87 billion ($99 billion) retail titan behind your local Stop & Shop and Albert Heijn, has been hit by a data breach. At least that’s what a ransomware gang is claiming on its dark web blog.
Read more
ahold delhaize

iPhone AI app leaked user-generated NSFW stories
by  Vilius Petkauskas
Apple App Store’s Novel AI: Book Creator leaked its Firebase database, revealing that its users generated far spicier stuff than your average ghost story.
Read more
iPhone app leaks user NSFW stories

A whopping 46% of US companies’ employees reuse passwords
by  Cybernews Team
Cybernews researchers analyzed the top 100 most trusted companies in America – including Nvidia, Costco, Apple, American Express, and others – and found that all of them had experienced data breaches, exposing critical cybersecurity weaknesses.
Read more
Hacker, attacker, malicious

YouTuber’s pixelation fail: private video part unmasked in hours
by  Ernestas Naprys
One YouTuber laid out a challenge to his viewers: $50 to anyone who could de-pixelate a heavily obscured section of his video, intended to hide private folders. It was cracked in hours, demonstrating the vulnerability of blurring as a privacy measure.
Read more
pixelated-content

GoDaddy flop caused major Zoom outage
by  Niamh Ancell
Zoom went down on Wednesday, and the company revealed it wasn’t to blame for the major outage.
Read more
godaddy-zoom-outage

Former CISA chief resigns from SentinelOne following White House pressure
by  Reuters
Christopher Krebs, whom President Donald Trump fired as head of the Cybersecurity and Infrastructure Security Agency (CISA) in 2020, said on Wednesday he is leaving cybersecurity company SentinelOne following pressure from the White House.
Read more
Christopher Krebs

Identity-based attacks most prevalent in cybersecurity incidents
by  Anton Mous
Last year, cybercriminals leaned heavily on stealth and efficiency, favoring straightforward techniques over complex malware and zero-day exploits.
Read more
preventing online identity theft

CVE database funding extended through 2026 – was the panic all for nothing?
by  Stefanie Schappert
Critical funding for the Common Vulnerabilities and Exposures database, set to expire on Wednesday, has been renewed in full, the US Cybersecurity and Infrastructure Security Agency (CISA) announced late Tuesday evening. So, was there a real threat to the MITRE-led program ending, or just government business as usual?
Read more
Common Vulnerabilities and Exposures

Huge ransomware campaign targets AWS S3 storage: attackers have thousands of keys
by  Ernestas Naprys
A massive database of over 1,200 unique Amazon Web Services (AWS) access keys has been amassed and exploited in a ransomware campaign. Administrators of exposed AWS S3 buckets are finding their files encrypted except for a ransom note demanding payment in bitcoin.
Read more
AWS S3 buckets, storage under attack

Android devices to auto-restart if locked for 3 days: why does it matter?
by  Ernestas Naprys
Google is rolling out a new security feature that reboots Android devices if they remain locked for three consecutive days. This makes it much harder to access data from stolen but also seized devices.
Read more
android_1212

Former MTV execs’ ghost platform still leaking personal data of numerous creatives
by  Paulina Okunytė
The Loop is dead, but your personal data isn’t. Over two million files packed with personal data are still sitting online, waiting to ruin someone's day.
Read more
Loop data leak

Think you're downloading Binance? It’s malware in disguise
by  Paulina Okunytė
Hackers are disguising malware as legit crypto trading tools, turning your curiosity about bitcoin into a full-blown system compromise.
Read more
Binance logo, coins, cryptocurrency, keyboard