SonicWall investigates 'cyber incidents,' including ransomware targeting suspected 0-day

Jessica Lyons / theregister - Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day' SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug un…

Back to Top / Monday, August 4, 2025, 5:20 pm / permalink 11596 / 2 stories in 7 months

Perplexity accused of scraping websites that explicitly blocked AI scraping

Lorenzo Franceschi-Bicchierai / techcrunch - Internet giant Cloudflare says it detected Perplexity crawling and scraping websites, even after customers had added technical blocks telling Perplexity not to scrape their pages.

Back to Top / Monday, August 4, 2025, 11:21 am / permalink 11557 / 11 stories in 7 months

Hackers use hidden Raspberry Pi and custom malware to attack bank ATMs

techspot - A recently uncovered attempted bank heist illustrates the growing sophistication and audacity of cybercriminal operations targeting financial institutions. The incident involved a combination of physical intrusion, advanced malware, and anti-forensic meas…

Back to Top / Friday, August 1, 2025, 8:20 am / permalink 11429 / 2 stories in 7 months

Safe reels in $70M for its cyber risk analysis platform

Maria Deutscher / siliconangle - Safe Securities Inc., a startup that helps companies evaluate the effectiveness of their cybersecurity efforts, has raised $70 million in funding. The Series C round was announced today. Avataar Ventures led the investment with participation from Asia Ven…

Back to Top / Thursday, July 31, 2025, 5:21 pm / permalink 11397 / 1 stories in 7 months

CISA open-sources Thorium platform for malware, forensic analysis

Sergiu Gatlan / bleepingcomputer - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced the public availability of Thorium, an open-source platform for malware and forensic analysts across the government, public, and private sectors. [...]

Back to Top / Thursday, July 31, 2025, 12:21 pm / permalink 11364 / 2 stories in 7 months

Microsoft: Kremlin monitors foreign embassies in Moscow through cyber-espionage at ISP level

therecord - In a warning to foreign embassies in Moscow, Microsoft said a Russian state-backed hacking group known as Secret Blizzard or Turla has been using internet service providers for adversary-in-the-middle (AiTM) attacks.

Back to Top / Thursday, July 31, 2025, 12:21 pm / permalink 11363 / 7 stories in 7 months

Spotify exposed: Private listening habits of politicians, journalists and tech bros leaked in a privacy meltdown

Christian Zibreg / idownloadblog - Spotify just leaked private playlists of famous people, and your personal music could be exposed too because of broken privacy settings.

Back to Top / Thursday, July 31, 2025, 10:21 am / permalink 11344 / 2 stories in 7 months

Proton Releases New Two-Factor Authentication App

Tim Hardwick / macrumors - Proton today launched Proton Authenticator, a free two-factor authentication app available across all major platforms including iOS, Android, Windows, macOS, and Linux.The open-source app generates time-based one-time passwords as an additional security l…

Back to Top / Thursday, July 31, 2025, 6:20 am / permalink 11323 / 4 stories in 7 months

Substack Sends Push Alert for Nazi Newsletter

Lucas Ropek / gizmodo - The site says it was an accident.

Back to Top / Wednesday, July 30, 2025, 3:21 pm / permalink 11273 / 4 stories in 7 months

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

Lawrence Abrams / bleepingcomputer - A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. [...]

Back to Top / Wednesday, July 30, 2025, 3:21 pm / permalink 11271 / 4 stories in 7 months

Severe Chrome browser attack vector fixed in latest Apple OS updates

appleinsider - Apple has released security updates for iOS and its other operating systems that patches WebKit against a zero-day vulnerability that was actively in use against Google Chrome users.Google ChromeWhile companies often release security updates to plug issue…

Back to Top / Wednesday, July 30, 2025, 2:22 pm / permalink 11269 / 5 stories in 7 months

Safepay ransomware threatens to leak 3.5TB of Ingram Micro data

Sergiu Gatlan / bleepingcomputer - The SafePay ransomware gang is threatening to leak 3.5TB of data belonging to IT giant Ingram Micro, allegedly stolen from the company's compromised systems earlier this month. [...]

Back to Top / Wednesday, July 30, 2025, 1:21 pm / permalink 11255 / 2 stories in 7 months

Palo Alto Networks to acquire CyberArk in $25B deal

Palo Alto Networks is set to bolster its cybersecurity offerings by acquiring CyberArk in a transaction valued at $25 billion. The deal is positioned as a strategic move to deepen threat detection capabilities while confronting the ever‐increasing risks in the cyber frontier.

Back to Top / Wednesday, July 30, 2025, 9:21 am / permalink 11230 / 3 stories in 7 months

Cyata Launches Security Solution to Rein In Rogue AI Agents

Amid the rising integration of AI agents in everyday business workflows, startup Cyata has unveiled a dedicated solution aimed at keeping these autonomous systems under control. Investors are showing confidence in its approach as the new security tool targets the emerging challenges posed by increasingly independent AI operations.

Back to Top / Wednesday, July 30, 2025, 8:21 am / permalink 11228 / 3 stories in 7 months

Report: Palo Alto Networks could acquire CyberArk for $20B+

Maria Deutscher / siliconangle - Palo Alto Networks Inc. is reportedly close to buying fellow cybersecurity provider CyberArk Software Ltd. The Wall Street Journal today cited sources as saying that the deal could be finalized as soon as this week. CyberArk had a market capitalization of…

Back to Top / Tuesday, July 29, 2025, 5:21 pm / permalink 11191 / 2 stories in 7 months

Tea app’s second data breach exposed over a million private messages

Lauren Forristal / techcrunch - Dating safety app Tea experienced a second data breach in as many weeks, exposing over a million sensitive messages between users.

Back to Top / Tuesday, July 29, 2025, 12:22 pm / permalink 11149 / 5 stories in 7 months

French telecom giant Orange discloses cyberattack

Sergiu Gatlan / bleepingcomputer - Orange, a French telecommunications company and one of the world's largest telecom operators, revealed that it detected a breached system on its network on Friday. [...]

Back to Top / Tuesday, July 29, 2025, 11:21 am / permalink 11138 / 4 stories in 7 months

Microsoft Warns of New ‘SploitLight’ Vulnerability in macOS

Usman Qureshi / iphoneincanada - New SploitLight macOS vulnerability lets attackers use Spotlight plugins to bypass TCC and access sensitive data cached by Apple Intelligence.The post Microsoft Warns of New ‘SploitLight’ Vulnerability in macOS first appeared on iPhone in Canada.

Back to Top / Monday, July 28, 2025, 1:21 pm / permalink 11059 / 6 stories in 7 months

Tea Dating App Suffers Data Breach Leaking 72000 Images, Despite Safety Promise

Chaitanya Kohli / medianama - The data breach that occurred after some male 4Chan users called for a “hack and leak” campaign against the Tea dating app users raised data privacy concerns of such platforms. The post Tea Dating App Suffers Data Breach Leaking 72000 Images, Despite Safe…

Back to Top / Monday, July 28, 2025, 9:21 am / permalink 11035 / 12 stories in 7 months

Flights grounded as Russia’s largest airline Aeroflot hit by cyberattack

Zack Whittaker / techcrunch - Russian prosecutor said it opened a criminal investigation into the cyberattack targeting Aeroflot, the largest airline in Russia.

Back to Top / Monday, July 28, 2025, 9:21 am / permalink 11034 / 4 stories in 7 months