Security News

Oracle Health breach compromises patient data at US hospitals
2025-03-28 14:13

A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. [...]

Infostealer campaign compromises 10 npm packages, targets devs
2025-03-27 20:22

Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers' systems. [...]

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)
2025-03-24 13:07

A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web pages they should no...

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
2025-03-19 05:05

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known...

GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
2025-03-17 10:11

Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous...

CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
2025-02-26 10:53

The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a...

Threat actors are using legitimate Microsoft feature to compromise M365 accounts
2025-02-14 14:16

Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device...

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
2025-02-07 12:11

A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating,...

China-aligned PlushDaemon APT compromises supply chain of Korean VPN
2025-01-22 06:00

ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this cyberespionage...

US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks
2024-12-10 20:34

The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 compromise of tens of...