Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
DeepSeek halts new signups amid “large-scale” cyberattack
Chinese AI platform DeepSeek has disabled registrations on it DeepSeek-V3 chat platform due to an ongoing “large-scale” cyberattack targeting its services. DeepSeek is a relatively new AI platform that has quickly gained attention over the past week for its development and release of an advanced AI model that allegedly matches or outperforms the capabilities of […]
Bitwarden makes it harder to hack password vaults without MFA
Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. When a potentially suspicious login attempt is detected, like from an unrecognized device, the user will now prompted to confirm the action by entering a verification code […]
Microsoft: January Windows security updates break audio playback
Microsoft has confirmed that the January 2025 Windows security updates are breaking audio playback on some systems with external DACs (digital-to-analog converters). DACs are commonly used at home, in professional music studios, and in portable music players to improve audio quality, process signals, or convert digital audio into analog signals for playback through speakers or […]
Apple fixes this year’s first actively exploited zero-day bug
Apple has released security updates to fix this year’s first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. The zero-day fixed today is tracked as CVE-2025-24085 [iOS/iPadOS, macOS, tvOS, watchOS, visionOS] and is a privilege escalation security flaw in Apple’s Core Media framework. “A malicious application may be able to elevate privileges. Apple is aware of a report […]
EU sanctions Russian GRU hackers for cyberattacks against Estonia
The European Union sanctioned three hackers, part of Unit 29155 of Russia’s military intelligence service (GRU), for their involvement in cyberattacks targeting Estonia’s government agencies in 2020. Today, the Council of the EU says that GRU officers Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov stole thousands of sensitive documents containing classified information after breaching several Estonian ministries. […]
Hackers steal $85 million worth of cryptocurrency from Phemex
The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency. Following the Thursday cyberattack, the cryptocurrency exchange immediately suspended deposits and withdrawals and published proof of reserves for transparency. According to Phemex’s CEO, Federico Variola, the incident only impacted hot wallets while cold wallets […]
Microsoft Teams phishing attack alerts coming to everyone next month
Microsoft reminded Microsoft 365 admins that its new brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025. Once enabled, it will display alerts when detecting phishing attacks targeting organizations that have enabled external Teams access (which allows threat actors to message any user from external domains). The company […]
Clone2Leak attacks exploit Git flaws to steal credentials
A set of three distinct but related attacks, dubbed ‘Clone2Leak,’ can leak credentials by exploiting how Git and its credential helpers handle authentication requests. The attack can compromise passwords and access tokens in GitHub Desktop, Git LFS, GitHub CLI/Codespaces, and the Git Credential Manager. The flaws that make ‘Clone2Leak’ possible were discovered by Japanese researcher RyotaK […]
UnitedHealth now says 190 million impacted by 2024 data breach
UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. In October, UnitedHealth reported to the US Department of Health and Human Services Office for Civil Rights that the attack affected 100 million people. However, as first reported by TechCrunch, UnitedHealth […]
Ransomware gang uses SSH tunnels for stealthy VMware ESXi access
Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected. VMware ESXi appliances have a critical role in virtualized environments as they can run on a single physical server multiple virtual machines of an organization. They are largely unmonitored and have been a target for hackers looking to […]