Skip to main content

Security News

Filter by:

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a...
Krebs on Security 17 Jan 2025 75 Views

W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. [...]
Bleepingcomputer 17 Jan 2025 76 Views

Attackers Hijack Google Advertiser Accounts to Spread Malware

It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem.
Dark Reading 16 Jan 2025 159 Views

MFA Failures - The Worst is Yet to Come

This article delves into the rising tide of MFA failures, the alarming role of generative AI in amplifying these attacks, the growing user discontent weakening our defenses, and the glaring vulnerabilities being frequently exploited. The storm is building, and the worst is yet to come...
Bleepingcomputer 16 Jan 2025 70 Views

Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used

Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg Updated  Miscreants running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according to...
The Register 15 Jan 2025 359 Views

Phishing texts trick Apple iMessage users into disabling protection

Cybercriminals are exploiting a trick to turn off Apple iMessage's built-in phishing protection for a text and trick users into re-enabling disabled phishing links. [...]
Bleepingcomputer 13 Jan 2025 422 Views

Banshee 2.0 Malware Steals Apple's Encryption to Hide on Macs

The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple's own antivirus product.
Dark Reading 10 Jan 2025 658 Views

Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed

Here's what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who...
The Register 9 Jan 2025 1741 Views

Green Bay Packers' Online Pro Shop Sacked by Payment Skimmer

Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit-card data from 8,500 fans.
Dark Reading 9 Jan 2025 628 Views

CISA warns of critical Oracle, Mitel flaws exploited in attacks

CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. [...]
Bleepingcomputer 8 Jan 2025 818 Views