SecurityWeek2d
PayPal Phishing Campaign Employs Genuine Links to Take Over Accounts
If the user attempts to log in, however, the page automatically links the victim’s PayPal account with the email address of ...
SecurityWeek2d
In Other News: Bank of America Warns of Data Breach, Trucking Cybersecurity, Treasury Hack Linked to Silk Typhoon
Microsoft has released fixes for high-severity flaws in Azure SaaS Resources and Purview (no user action required), while ...
SecurityWeek3d
Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool
Palo Alto Networks has released patches for multiple vulnerabilities in the Expedition migration tool, which was retired on ...
SecurityWeek2d
Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures
A research project into vulnerabilities affecting Microsoft’s PlayReady DRM raises some questions on responsible disclosure.
SecurityWeek3d
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies
Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
SecurityWeek2d
Banshee macOS Malware Expands Targeting
The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian ...
SecurityWeek3d
Telegram Shared Data of Thousands of Users After CEO’s Arrest
After its CEO was arrested last summer, Telegram has been increasingly sharing user data at the request of authorities.
SecurityWeek9d
New York Hospital Says Ransomware Attack Data Breach Impacts 670,000
Richmond University Medical Center investigating a ransomware attack since May 2023 and it recently determined that it ...
SecurityWeek3d
The ‘Worst in Show’ CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say
But not all innovation is good, according to a panel of self-described dystopia experts that has judged some products as ...
SecurityWeek3d
SonicWall Patches Authentication Bypass Vulnerabilities in Firewalls
SonicWall has released patches for multiple vulnerabilities in SonicOS, including high-severity authentication bypass flaws.
SecurityWeek6d
US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure
US Treasury sanctioned Chinese company Integrity Tech for supporting state-sponsored group Flax Typhoon in hacking US ...
SecurityWeek4d
Insider Threat: Tackling the Complex Challenges of the Enemy Within
The insider threat problem will worsen, and the solutions will widen, in the age of generative-AI. The insider threat is a ...