Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Premium WPLMS WordPress plugins address seven critical flaws
Two WordPress plugins required by the premium WordPress WPLMS theme, which has over 28,000 sales, are vulnerable to more than a dozen critical severity vulnerabilities. The bugs could enable a remote, unauthenticated attacker to upload arbitrary files to the server, execute code, escalate privileges to administrator level, and perform SQL injections. The WPLMS theme is a learning management […]
US court finds spyware maker NSO liable for WhatsApp hacks
A U.S. federal judge has ruled that Israeli spyware maker NSO Group violated U.S. hacking laws by using WhatsApp zero-days to deploy Pegasus spyware on at least 1,400 devices. NSO Group markets Pegasus as surveillance software for governments that enables clients to monitor victims’ activities and extract data from compromised devices. “This ruling is a […]
Apache fixes remote code execution bypass in Tomcat web server
Apache has released a security update that addresses an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web server and servlet container widely used to deploy and run Java-based web applications. It provides a runtime environment for Java Servlets, JavaServer Pages (JSP), and […]
North Korean hackers stole $1.3 billion worth of crypto this year
North Korean hackers have stolen $1.34 billion worth of cryptocurrency across 47 cyberattacks that occurred in 2024, according to a new report by blockchain analysis company Chainalysis. This amount represents 61% of the total stolen funds for the year, marking a year-over-year increase of 21%. Although the total number of incidents in 2024 reached a […]
New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA
A new Microsoft 365 phishing-as-a-service platform called “FlowerStorm” is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service. First documented by Trustwave in late November 2024, Rockstar2FA operated as a PhaaS platform facilitating large-scale adversary-in-the-middle (AiTM) attacks targeting Microsoft 365 credentials. The service offered advanced evasion mechanisms, a user-friendly panel, and numerous […]
Malicious Rspack, Vant packages published using stolen NPM tokens
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. The supply chain attack, spotted by both Sonatype and Socket researchers, deployed the XMRig cryptocurrency miner on compromised systems for mining the hard-to-trace Monero privacy cryptocurrency. Additionally, Sonatype discovered that all three npm packages […]
US charges Russian-Israeli as suspected LockBit ransomware coder
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. According to a criminal complaint unsealed today in the District of New Jersey, Rostislav Panev, 51, a dual Russian and Israeli national, allegedly helped develop LockBit ransomware encryptors and a custom […]
Sophos discloses critical Firewall remote code execution flaw
Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. The vulnerabilities affect Sophos Firewall version 21.0 GA (21.0.0) and older, with the company already releasing hotfixes that are installed by default and permanent fixes […]
Krispy Kreme breach, data theft claimed by Play ransomware gang
The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. Krispy Kreme disclosed the incident and subsequent disruptions to its online ordering system in an SEC filing submitted on December 11. The company detected unauthorized activity on some of its information technology systems […]
Ascension: Health data of 5.6 million stolen in ransomware attack
Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. The health network reported a total revenue of $28.3 billion in 2023 and operates 140 hospitals and 40 senior […]