ShinyHunters claims Santander breach, selling data for 30M customers (www.bleepingcomputer.com)
A threat actor known as ShinyHunters is claiming to be selling a massive trove of Santander Bank data, including information for 30 million customers, employees, and bank account data, two weeks after the bank reported a data breach.
Everbridge warns of corporate systems breach exposing business data (www.bleepingcomputer.com)
Everbridge, an American software company focused on crisis management and public warning solutions, notified customers that unknown attackers had accessed files containing business and user data in a recent corporate systems breach.
Cooler Master confirms customer info stolen in data breach (www.bleepingcomputer.com)
Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat actor to steal customer data.
ICQ messenger shuts down after almost 28 years (www.bleepingcomputer.com)
Over 90 malicious Android apps with 5.5M installs found on Google Play (www.bleepingcomputer.com)
Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity.
First American December data breach impacts 44,000 people (www.bleepingcomputer.com)
First American Financial Corporation, the second-largest title insurance company in the United States, revealed on Tuesday that a December cyberattack led to a breach impacting 44,000 individuals.
Christie’s confirms breach after RansomHub threatens to leak data (www.bleepingcomputer.com)
Christie's confirmed that it suffered a security incident earlier this month after the RansomHub extortion gang claimed responsibility and threatened to leak stolen data.
TP-Link fixes critical RCE bug in popular C5400X gaming router (www.bleepingcomputer.com)
The TP-Link Archer C5400X gaming router is vulnerable to security flaws that could enable an unauthenticated, remote attacker to execute commands on the device.
Hackers target Check Point VPNs to breach enterprise networks (www.bleepingcomputer.com)
Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory.
Sav-Rx discloses data breach impacting 2.8 million Americans (www.bleepingcomputer.com)
Prescription management company Sav-Rx is warning over 2.8 million people in the United States that it suffered a data breach, stating that their personal data was stolen in a 2023 cyberattack.
Indian man stole $37 million in crypto using fake Coinbase Pro site (www.bleepingcomputer.com)
An Indian national pleaded guilty to wire fraud conspiracy for stealing over $37 million through a fake Coinbase website used to steal credentials....
Microsoft: Windows 24H2 will remove Cortana and WordPad apps (www.bleepingcomputer.com)
Microsoft says the Cortana, Tips, and WordPad applications will be automatically removed on systems upgraded to the upcoming Windows 11 24H2 release.
Northern Ireland police faces £750k fine after exposing staff info (www.bleepingcomputer.com)
UK's Information Commissioner Office (ICO) has announced the intention to impose a fine of £750,000 ($954,000) on the Police Service of Northern Ireland (PSNI) for exposing the entire workforce's personal details by inadvertently publishing a spreadsheet file online.
Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search (www.bleepingcomputer.com)
LockBit says they stole data in London Drugs ransomware attack (www.bleepingcomputer.com)
Today, the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen data online after allegedly failed negotiations.
Western Sydney University data breach exposed student data (www.bleepingcomputer.com)
Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment.
Zoom adds post-quantum end-to-end encryption to video meetings (www.bleepingcomputer.com)
Zoom has announced the global availability of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with Zoom Phone and Zoom Rooms to follow soon.
Windows 11 Recall AI feature will record everything you do on your PC (www.bleepingcomputer.com)
Microsoft has announced a new AI-powered feature for Windows 11 called 'Recall,' which records everything you do on your PC and lets you search through your historical activities.
Critical Fluent Bit flaw impacts all major cloud providers (www.bleepingcomputer.com)
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants.
New BiBi Wiper version also destroys the disk partition table (www.bleepingcomputer.com)
A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted victims.
OmniVision discloses data breach after 2023 ransomware attack (www.bleepingcomputer.com)
The California-based imaging sensors manufacturer OmniVision is warning of a data breach after the company suffered a Cactus ransomware attack last year.
QNAP QTS zero-day in Share feature gets public RCE exploit (www.bleepingcomputer.com)
An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed.
Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising (www.bleepingcomputer.com)
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
Banking malware Grandoreiro returns after police disruption (www.bleepingcomputer.com)
The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.