Latest Cybernews
AppOmni’s State of SaaS Security 2024 Report Reveals Rise in Data Breaches for Organizations
One-third of organizations report data breaches in SaaS apps, highlighting challenges in security governance and enforcement.
View full story…
Surge in “Quishing” Attacks Targeting Microsoft Office Credentials Using QR Codes
Phishing campaign targets Microsoft Office credentials using QR codes to direct users to malicious Microsoft Sway pages, particularly affecting technology, manufacturing, and finance sectors.
View full story…
FBI Addressing Weaknesses in Sensitive Data Management
The FBI is taking steps to improve its handling of sensitive data following a critical audit by the DOJ’s OIG, which identified flaws in inventory management and disposal of electronic storage media containing classified information.
View full story…
Critical Vulnerability in Microsoft 365 Copilot Discovered by Cybersecurity Researchers
Cybersecurity researchers discover a critical vulnerability in Microsoft 365 Copilot involving ASCII smuggling to hide data within clickable hyperlinks, compromising user data security.
View full story…
Texas Dow Employees Credit Union Reports Data Breach Affecting Over 500,000 Members
The Texas Dow Employees Credit Union (TDECU) reported a data breach in July 2024, affecting over 500,000 members due to the MOVEit attacks by the Cl0p ransomware group.
View full story…
MacOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Cybersecurity experts have identified a concerning threat known as the HZ RAT backdoor, targeting users of Chinese messaging apps on Apple macOS.
View full story…
Latest Cybernews
Cybercriminals Utilize Greasy Opal’s CAPTCHA-Bypassing Tool to Create Fake Microsoft Accounts
Threat actor group Storm-1152 leverages Greasy Opal’s efficient technology to create 750 million fake Microsoft accounts, highlighting significant security risks for companies.
View full story…
Critical Vulnerability in SonicOS Platform Identified by SonicWall
SonicWall has identified a critical vulnerability in its SonicOS platform, known as CVE-2024-40766, which poses a significant security risk to firewall devices.
View full story…
China-Linked Cyber Threat Group Velvet Ant Exploits Zero-Day Vulnerability in Cisco’s NX-OS Network Operating System on Nexus Switch Appliances
Velvet Ant, a China-linked cyber threat group, has been exploiting a zero-day vulnerability in Cisco’s NX-OS network operating system on Nexus Switch appliances.
View full story…
Chinese Hackers Utilize AppDomain Manager Injection to Target Asian Military and Government Organizations
APT41 hackers have been using the sophisticated AppDomain Manager Injection technique to target Asian military and government organizations, demonstrating a high level of technical expertise.
View full story…
New Android Malware NGate Targets Smartphone Users in Czechia
NGate malware steals payment card data using NFC reader, part of cyberattack campaign in Czechia.
View full story…
Disney’s Internal Slack Channels Breached by NullBulge, Exposing Sensitive Data
Hacktivist group NullBulge breaches Disney’s internal Slack channels, exposing over 1.2 terabytes of sensitive data including unreleased projects, computer code, login details, passwords, and Intellectual Property.
View full story…
Researchers Identify Over 20 Vulnerabilities in ML Software Supply Chains
Researchers have discovered vulnerabilities in ML software supply chains that could be exploited to target MLOps platforms, including inherent flaws and implementation weaknesses.
View full story…