Security News

Rhode Island confirms data breach after Brain Cipher ransomware attack
2024-12-16 16:51

Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents' personal information after the Brain Cipher ransomware gang hacked its systems. [...]

Clop ransomware claims responsibility for Cleo data theft attacks
2024-12-15 20:15

The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. [...]

390,000 WordPress accounts stolen from hackers in supply chain attack
2024-12-14 15:17

A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. [...]

Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks
2024-12-13 23:56

IOCONTROL targets IoT and OT devices from a ton of makers, apparently An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and...

Citrix shares mitigations for ongoing Netscaler password spray attacks
2024-12-13 22:10

Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. [...]

CISA confirms critical Cleo bug exploitation in ransomware attacks
2024-12-13 21:24

CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. [...]

Starbucks, Supermarkets Targeted in Ransomware Attack
2024-12-13 19:00

In December, ransomware group Termite claimed responsibility for the attacks.

Ultralytics Supply-Chain Attack
2024-12-13 16:33

Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics ­—which has...

New IOCONTROL malware used in critical infrastructure attacks
2024-12-12 20:46

Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]

Cleo patches critical zero-day exploited in data theft attacks
2024-12-12 17:03

Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. [...]