Security News

Riot Games, the video game developer and publisher behind League of Legends and Valorant, says it will delay game patches after its development environment was compromised last week. Riot Games also added that the breach directly impacted its ability to publish patches for its games.

T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming...

Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers. MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on Mailchimp employees and contractors.

As opening paragraphs go, this one is pretty straightforward, and contains uncomplicated if potentially time-consuming advice: someone other than you probably knows your Norton account password; they may have been able to peek into your password manager as well; please change all passwords as soon as you can. In LastPass's case the stolen passwords weren't of direct and immediate use to the attackers, because each user's password vault was protected by a master password, which wasn't stored by LastPass and therefore wasn't stolen at the same time.

Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. Someone has released software and documentation from both companies.

The Liquor Control Board of Ontario, a Canadian government enterprise and the country's largest beverage alcohol retailer, revealed that unknown attackers had breached its website to inject malicious code designed to steal customer and credit card information at check-out.LCBO revealed on Wednesday that third-party forensic investigators found a credit card stealing script that was active on its website for five days.

The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. "Recently, we identified a widespread campaign of Kinsing that targeted vulnerable versions of WebLogic servers," reads a report by Microsoft security researcher Sunders Bruskin.

American fast-food restaurant chain Chick-fil-A is investigating what it described as "Suspicious activity" linked to some of its customers' accounts. A support page on Chick-fil-A's One Membership Program customer support website provides potentially affected clients with details on what to do if they notice unusual activity on their accounts, if they see any mobile orders placed without their approval, or if they're loyalty points were used to redeem or gift rewards fraudulently.

Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. Similar to Gmail, Xfinity allows customers to configure a secondary email address to be used for account notifications and password resets in the event they lose access to their Xfinity account.

Two U.S. citizens were arrested for allegedly conspiring with Russian hackers to hack the John F. Kennedy International Airport taxi dispatch system to move specific taxis to the front of the queue in exchange for a $10 fee. The taxi dispatch system is a computer-controlled system that ensures that taxis are dispatched from the airport's holding lot to pick up the next available fare at the appropriate terminal.