A critical vulnerability in Fortra GoAnywhere MFT allows unauthorized users to create new admin accounts by exploiting an authentication bypass vulnerability, posing a significant risk to organizations using the software.
The UK’s National Cyber Security Centre (NCSC) has issued a warning about the growing threat of AI-based ransomware attacks, which make it difficult to differentiate between legitimate and malicious emails and enable personalized phishing attacks.
Financial sanctions have been imposed on Alexander Ermakov by the governments of the US, UK, and Australia for his alleged involvement in the 2022 ransomware attack against Medibank Private Limited.
Bulletproof hosting (BPH) has become a critical infrastructure service in cybercrime, allowing cybercriminals to distribute malware from multiple locations and evade law enforcement, but blocking BPH providers can effectively combat cyber threats.
Security researchers discover two malicious packages on npm that steal Base64-encrypted SSH keys from developer systems and store them on GitHub, highlighting the growing trend of cybercriminals exploiting open source package managers for their malicious software supply chain campaigns.
The “Mother of all Breaches” (MOAB) has exposed a staggering 26 billion personal records, compromising sensitive information from platforms such as Twitter, Dropbox, LinkedIn, Tencent’s QQ, Weibo, MySpace, and government organizations.
