Security

Minecraft server host Shockbyte puts players at risk

Shockbyte, one of Minecraft’s largest server hosting providers, left a misconfiguration on its systems exposing it to threat actors that could potentially have manipulated Minecraft server code.

Honda ecommerce platform vulnerability: a walkthrough

Honda was exposed to a critical security risk due to a vulnerability in its API. How did the exploit work?

DoJ creates new National Security Cyber Section

The US National Security Division (NSD) now has its own Cyber Section, created so the agency can better respond to highly technical cyber threats.

Compromised ChatGPT accounts are for sale on dark web

Over 100,000 ChatGPT credentials are currently being traded on the dark market. Given that employees increasingly rely on AI to boost productivity, the compromised credentials could lead threat actors to a treasure trove of data.

Square Yards data leak: passports, financial data exposed

India’s largest real estate platform has exposed nearly 350M files, including customer and employee passports and financial documents.

Third MOVEit flaw identified by CISA, patch now

A new security advisory is warning organizations to immediately patch a third critical vulnerability found in the MOVEit file transfer system.

Darknet Parliament is now a thing

The newly coined term “Darknet Parliament” has become the latest catchphrase among cybercriminals trying to prove their clout – and security insiders are loving it.

Swiss Financial Center knocked offline by Russian hackers

The pro-Russian hacker group responsible for a string of attacks against Switzerland's critical infrastructure this week has now hit the website of the Geneva financial center.

Shell latest victim in Cl0p MOVEit hacking spree

Shell Global has confirmed to Cybernews that some of their systems were impacted by the latest spree of cyber attacks involving a flaw in the MOVEit file transfer system.

US gov agencies slammed by MOVEit hack

Multiple US government agencies have been breached by the Cl0p ransom gang’s global hacking campaign exploiting a zero-day bug in the MOVEit file transfer platform.

Workers regularly post sensitive data into ChatGPT

A new study found 15% of employees regularly post company data into ChatGPT – and over a quarter of that data is considered sensitive information – putting their employers at risk of a security breach.

3CX data exposed, third-party to blame

A third-party vendor of 3CX, a popular Voice over Internet Protocol (VoIP) comms provider, left an open server and exposed sensitive 3CX data. The issue went under the company’s radar, even though it was recently targeted by North Korean hackers.

BreachForums is back – for real this time

The cybercrime marketplace BreachForums appears to have finally been resurrected with help from its former second in command – as the federal case against its former founder heats up. But will fears of FBI entrapment keep users away?

Temp Mail leaves systems wide open

Temp Mail, a popular disposable email provider, left its systems publicly open for over three months, risking potential breaches and large-scale malware spread.

UPS latest Anonymous Sudan target, Microsoft time-out

Following a week-long attack on Microsoft, the pro-Russian hacktivist gang Anonymous Sudan has claimed global shipping giant United Parcel Service (UPS) as the latest target in an ongoing campaign against the US.

Unveiling the Balada injector: a malware epidemic in WordPress

Learn the shocking truth behind the Balada Injector campaign and find out how to protect your organization from this relentless viral invasion.

Hackers have been sitting on MOVEit bug for 2 years

Cl0p hackers have been sitting on a zero-day vulnerability in the MOVEit Transfer application for two years, cybersecurity analyst Kroll claims.

Prestigious Russian university puts student data at risk

Bauman University, the second oldest educational institution in Russia, had its internal system exposed, putting student data at risk.

Pflegia leaks sensitive job seeker info

Pflegia, a German healthcare recruitment platform, has exposed hundreds of thousands of files with sensitive user data such as names, home addresses, and emails.

Microsoft Outlook hackers threaten ChatGPT next

The pro-Russian hackers – who claim to have taken down Microsoft Outlook in an ongoing targeted campaign against the US – warn OpenAI’s ChatGPT is the next victim on their list.