Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Telegram now shares users’ IP and phone number on legal requests
Telegram will now share users’ phone numbers and IP addresses with law enforcement if they are found to be violating the platform’s rules following a valid legal request. According to a newly updated privacy policy announced by CEO Pavel Durov on Monday, Telegram will comply with such requests only after receiving a valid court order confirming that […]
New Android malware ‘Necro’ infects 11 million devices via Google Play
A new version of the Necro malware loader for Android was installed on 11 million devices through Google Play in malicious SDK supply chain attacks. This new version of the Necro Trojan was installed through malicious advertising software development kits (SDK) used by legitimate apps, Android game mods, and modified versions of popular software, such as Spotify, […]
Disney ditching Slack after massive July data breach
The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company’s internal communication channels. According to CNBC, Disney has already begun migrating to new “streamlined enterprise-wide collaboration tools” and emailed employees this week to say that they will finish the migration at the end […]
Clickbaity or genius? ‘BF cheated on you’ QR codes pop up across UK
“If your name is Emily and your boyfriend went out last night HE CHEATED. Heres [sic] the video for proof,” states a poster seen in Manchester, England this week. My name isn’t Emily, but anyone who comes across such a poster would stop by to take a closer look—it piques curiosity, breeds insecurity, and sparks controversy. And […]
Dell investigates data breach claims after hacker leaks employee info
Dell has confirmed to GeekFeed that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees. The allegations were published yesterday by a threat actor named “grep,” who alleges that the computing vendor suffered a “minor data breach” in September 2024, exposing internal employee and […]
Clever ‘GitHub Scanner’ campaign abusing repos to push malware
A clever threat campaign is abusing GitHub repositories to distribute the Lumma Stealer password-stealing malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new “issue” on an open source repository falsely claiming that the project contains a “security vulnerability” and urges […]
Unexplained ‘Noise Storms’ flood the Internet, puzzle experts
Internet intelligence firm GreyNoise reports that it has been tracking large waves of “Noise Storms” containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. These Noise Storms are suspected to be covert communications, DDoS attack coordination signals, clandestine command and control (C2) channels of malware operations, or the result […]
Police dismantles phone unlocking ring linked to 483,000 victims
A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. The global operation, codenamed “Operation Kaerb,” began in 2022 after Europol received information from cybersecurity firm Group-IB, which contributed to identifying the victims and the criminals behind […]
Google Password Manager now automatically syncs your passkeys
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. Passkeys, which use biometric authentication such as fingerprints, facial recognition, or screen locks, provide a more secure and convenient alternative to traditional passwords, significantly reducing the risk of data breaches. […]
Ivanti warns of another critical CSA flaw exploited in attacks
Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-8963, this admin bypass vulnerability is caused by a path traversal weakness. Successful exploitation allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure […]