News

MuddyWater’s DarkBit ransomware cracked for free data recovery

Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang's encryptors, allowing them to recover a ...

Connex Credit Union data breach impacts 172,000 members

Connex, one of Connecticut's largest credit unions, warned tens of thousands of members that unknown attackers had stolen ...

'Chairmen' of $100 million scam operation extradited to US

The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks.

WinRAR zero-day exploited to plant malware on archive extraction

A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the ...

New EDR killer tool used by eight different ransomware groups

A new Endpoint Detection and Response (EDR) killer that is considered to be the evolution of 'EDRKillShifter,' developed by ...

60 malicious Ruby gems downloaded 275,000 times steal credentials

Sixty malicious Ruby gems containing credential-stealing code have been downloaded over 275,000 times since March 2023, ...

CISA orders fed agencies to patch new Exchange flaw by Monday

CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical ...

U.S. Judiciary confirms breach of court electronic records service

The U.S. Federal Judiciary confirms that it suffered a cyberattack on its electronic case management systems hosting ...

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older ...

Columbia University data breach impacts nearly 870,000 individuals

An unknown threat actor has stolen the sensitive personal, financial, and health information of nearly 870,000 Columbia ...

Proton fixes Authenticator bug leaking TOTP secrets in logs

Proton fixed a bug in its new Authenticator app for iOS that logged users' sensitive TOTP secrets in plaintext, potentially ...

Microsoft 365 apps to soon block file access via FPRPC by default

Microsoft has announced that the Microsoft 365 apps for Windows will start blocking access to files via the insecure FPRPC ...