Security Vulnerability in OpenAI’s ChatGPT App for macOS Allowed Spyware Implantation
Attackers exploited a memory feature in ChatGPT to implant spyware, enabling continuous data exfiltration of user input and responses.
View full story…
Surge in ‘Mishing’ Attacks Targeting Enterprise Mobile Devices
The 2024 zLabs Global Mobile Threat Report by Zimperium reveals a significant increase in ‘mishing’ attacks targeting enterprise mobile devices, exploiting vulnerabilities and deceiving users into revealing sensitive information.
View full story…
Latest Cybernews
US Department of Commerce Proposes Ban on Chinese and Russian Software in Connected Vehicles
The proposed ban aims to safeguard national security by preventing foreign adversaries from accessing and manipulating data in US vehicles.
View full story…
New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities
Octo2, a sophisticated Android banking trojan targeting users in Europe, enables cybercriminals to remotely control infected devices, conduct fraudulent transactions, and steal sensitive banking data.
View full story…
Emergence of SnipBot Malware Variant Highlights Cybersecurity Threats
The new SnipBot malware variant, part of the RomCom family, targets Ukraine and its supporters through espionage activities, utilizing unique code obfuscation methods and valid code-signing certificates to evade detection.
View full story…
11 Million Android Users Infected by Necro Malware
Necro malware, hidden in advertising SDKs, infects popular apps like Spotify and WhatsApp, allowing for stealthy communication with attacker-controlled servers.
View full story…
Telegram CEO Announces Crackdown on Criminal Activity on Messaging Platform
Telegram CEO Pavel Durov announces measures to address criminal activity on the messaging platform following his arrest in France.
View full story…
Cyberattack on Arkansas City Water Supply System Leads to Manual Operations
Arkansas City, Kansas faced a cyberattack on its water supply system, prompting a temporary shift to manual operations at the treatment facility. Ransomware is suspected to be involved, but service was not disrupted and customer information remained secure.
View full story…
Latest Cybernews
LinkedIn Pauses AI Training on UK User Data Following ICO Complaint
LinkedIn has halted the training of its generative AI models on UK user data after a complaint from the Information Commissioner’s Office, highlighting concerns about privacy and user consent in AI development.
View full story…
Reassessing Password Expiry Policies for Enhanced Security
Organizations are reconsidering traditional password expiry policies to balance security and usability, as advancements in technology have led to new risks and challenges.
View full story…
Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls
Discord has implemented the DAVE protocol, enhancing user privacy and data security in audio and video calls with features like E2EE A/V and group key exchange.
View full story…
Last Week’s Cybersecurity Recap: Global Threat Landscape Highlights Significant Developments
China-linked Flax Typhoon dismantles Raptor Train botnet, North Korea’s Lazarus Group targets energy and aerospace sectors with MISTPEN malware, Europol dismantles criminal network using Ghost phishing platform, Iranian UNC1860 provides initial access for hacking groups, Apple drops lawsuit against NSO Group, new wave of phishing attacks exploit HTTP headers, Sandvine exits “non-democratic” countries, sensitive data leaks due to ServiceNow misconfigurations, Google Cloud addresses Document AI flaw, Microsoft plans to end kernel access for EDR software
View full story…
German Authorities Shut Down 47 Crypto Exchanges in Operation Final Exchange
German authorities collaborate to seize servers and gather crucial user information in crackdown on cybercrime exchanges.
View full story…