Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks. The...
The vulnerability is in Microsoft Azure’s flagship Cosmos DB database. A research team at security company Wiz discovered it was able to access keys that control access to databases. click here to read full...
Security firm SAM Seamless Network discovered that a Mirai botnet began searching for devices unpatched against the flaw on August 18, only two days after IoT Inspector shared details of the bug. click here...
The new trojan has been found to compromise Facebook accounts of over 10,000 users since March 2021 via fraudulent apps distributed through Google Play Store and other app marketplaces. click here to read full...
This record number of illicit online pharmacies was shut down during Operation Pangea XIV, which targeted online sellers of counterfeit and illegal pharmaceuticals and medical devices. click here to read full Article Read more...
Thousands of Google Chrome extensions available on the official Chrome Web Store are tampering with security headers on popular websites, putting users at risk of a wide range of web-based attacks. click here to...
The Lorenz ransomware gang began operating last month and has since amassed a growing list of victims whose stolen data has been published on a ransomware data leak site. click here to read full...
Faxton St. Luke’s Healthcare (FSLH) was notified on March 30, 2021, that Capture RX, a third-party business associate, experienced a data breach on February 6, 2021, affecting 17,655 patients of FSLH. click here to...
Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques...
The data of several hundred Russian companies that used the free online project manager Trello has been made publicly available. Among the hundreds of thousands of leaked boards are those containing confidential information. Data...
The seller did not disclose how they got the cache but claimed that it included 895,000 gift cards from 3,010 companies, including Airbnb, Amazon, American Airlines, Nike, Subway, Target, and Walmart. click here to...
Threat actors are targeting mission-critical SAP applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. click here to read full Article Read more on Malware updates &...
In 2020, Russian hackers stole thousands of emails from U.S. State Department employees. As Politico reported, this is the second major hack of the department’s email server in the last ten years, carried out...
The component gets over 3 million weekly downloads, and as of today, has scored over 238 million total downloads over its lifetime. Further, about 278,000 GitHub repositories depend on netmask. click here to read...
Microsoft Corp said early on Tuesday glitches that affected access to workplace messaging app Teams, Outlook.com and other services have been largely fixed after it rolled back an update. click here to read full...
At least 10 different hacking groups are using recently discovered flaws in Microsoft Corp’s mail server software to break into targets around the world, ESET said in a blog post on Wednesday. click here...
