Tech News
General news about the tech industry, trends, and major events.
Google to purchase Wiz for $32 billion in cloud security play
Google announced today a definitive agreement to acquire leading cloud security platform Wiz for $32 billion in an all-cash transaction. Wiz was founded in 2020 and has become one of the largest cybersecurity firms focusing on securing cloud services. The company offers an online cybersecurity platform that connects to different cloud providers, enabling organizations to […]
Critical AMI MegaRAC bug can let attackers hijack, brick servers
A new critical severity vulnerability found in American Megatrends International’s MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable servers. MegaRAC BMC provides “lights-out” and “out-of-band” remote system management capabilities that help admins troubleshoot servers as if they were physically in front of the devices. The firmware is used by […]
Blockchain gaming platform WEMIX hacked to steal $6.1 million
Blockchain gaming platform WEMIX suffered a cyberattack last month, allowing threat actors to steal 8,654,860 WEMIX tokens, valued at approximately $6,100,000 at the time. During a press conference held yesterday, WEMIX’s CEO Kim Seok-Hwan confirmed the incident occurred on February 28, 2025, explaining that the delay in issuing a public announcement wasn’t an attempt to […]
Telegram CEO leaves France temporarily as criminal probe continues
French authorities have allowed Pavel Durov, Telegram’s CEO and founder, to temporarily leave the country while criminal activity on the messaging platform is still under investigation. Earlier today, Durov revealed in a Telegram post that he had returned to Dubai after reportedly leaving France from Le Bourget Airport outside Paris. An official at the Paris […]
Microsoft: New RAT malware used for crypto theft, reconnaissance
Microsoft has discovered a new remote access trojan (RAT) that employs “sophisticated techniques” to avoid detection, maintain persistence, and extract sensitive data. While the malware (dubbed StilachiRAT) hasn’t yet reached widespread distribution, Microsoft says it decided to publicly share indicators of compromise and mitigation guidance to help network defenders detect this threat and reduce its […]
OKX suspends DEX aggregator after Lazarus hackers try to launder funds
OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. OKX is a leading global cryptocurrency exchange that offers a wide range of trading options, including spot and derivatives trading and decentralized […]
Supply chain attack on popular GitHub Action exposes CI/CD secrets
A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. The GitHub Action is a very popular automation tool designed for GitHub Actions workflows. It allows developers to identify files changed in a pull request or commit […]
Microsoft: March Windows updates mistakenly uninstall Copilot
Microsoft says the March 2025 Windows cumulative updates automatically and mistakenly remove the AI-powered Copilot digital assistant from some Windows 10 and Windows 11 systems. The warning was added to updated support documents days after Redmond released this month’s Patch Tuesday security updates. As Microsoft explains, the update applies to all users who install the KB5053598 (Windows […]
Critical RCE flaw in Apache Tomcat actively exploited in attacks
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. Hackers are reportedly leveraging proof-of-concept (PoC) exploits that were published on GitHub just 30 hours after the flaw was disclosed last week. The malicious activity […]
Fake “Security Alert” issues on GitHub use OAuth app to hijack accounts
A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. “Security Alert: Unusual Access Attempt We have detected a login attempt on your GitHub account that appears to be from a new […]