Security News

The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial...

The threat actor behind this campaign-who has the Gitloker handle on Telegram and is posing as a cyber incident analyst-is likely compromising targets' GitHub accounts using stolen credentials. "I hope this message finds you well. This is an urgent notice to inform you that your data has been compromised, and we have secured a backup," the ransom notes read. When BleepingComputer contacted GitHub earlier today for more details regarding the Gitloker extortion campaign, a spokesperson was not immediately available for comment.

The distributed denial-of-service (DDoS) botnet known as Muhstik has been observed leveraging a now-patched security flaw impacting Apache RocketMQ to co-opt susceptible servers and expand its...

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat...

Your business, attack surface, and threat landscape are not static-they are constantly changing. New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released, and threat actors update their techniques continuously.

Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account. The threat actor selling Advance's data for $1.5 million on a hacking forum told BleepingComputer that the data had been stolen in recent attacks targeting cloud storage company Snowflake customers since at least mid-April 2024.

A ransomware attack that hit pathology services provider Synnovis on Monday and impacted several major NHS hospitals in London has now been linked to the Qilin ransomware operation. Memos sent by officials of hospitals affected by the Synnovis ransomware attack revealed on Tuesday that this "Ongoing critical incident" has had a "Major impact" on their procedures and operations.

Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first...

In this Help Net Security interview, Jenn Markey, Advisor to The Entrust Cybersecurity Institute, discusses the increasing adoption of enterprise-wide zero trust strategies in response to evolving cyber threats. Two-thirds of organizations featured in the 2024 State of Zero Trust & Encryption study cited cyber-risk concerns as the main drivers for implementing a zero-trust strategy.

A ransomware attack affecting pathology and diagnostic services provider Synnovis has impacted healthcare services at multiple major NHS hospitals in London.While Synnovis has yet to issue a public statement regarding the June 3 ransomware attack, memos sent by partner hospitals affected by the attack revealed that this "Ongoing critical incident" has had a "Major impact" on healthcare services across southeast London.