Duc App exposes hundreds of thousands of personal records due to server misconfiguration
The exposed data included unencrypted driver's licenses, passports, and other identity verification documents, along with selfies and personal information su...
20 articles
The exposed data included unencrypted driver's licenses, passports, and other identity verification documents, along with selfies and personal information su...
Discovered by Varonis Threat Labs, Storm infostealer operates as a malicious subscription service, targeting multiple browsers like Chrome, Edge, Firefox, an...
The tutorial, analyzed by Flare, outlines a low-cost, difficult-to-detect workflow that begins with identifying vacant residential properties, often found by...
A recent analysis by GreyNoise, examining 4 billion malicious sessions, found that approximately 39% originated from home networks, likely part of residentia...
Researchers at Zscaler's ThreatLabz discovered a GitHub repository disguised as a leaked TypeScript source code for Anthropic's Claude Code CLI.
A digital forensics investigator, identified only as TR, was called in when a client suspected a rival had infiltrated their systems after a data breach.
Analysis of China-nexus groups also discovers double-pronged strategy, one on immediacy, the other around long dwell times.
The new Exam Guidance for Artificial Intelligence maps AI concepts across more than 50 core cybersecurity exam domains.
Alcatraz develops physical security systems utilizing AI-powered facial recognition to control access to critical infrastructure like data centers and airports.
ThreatLocker's reinvention of zero-trust network access shifts access control from credential verification to the endpoint itself.
The acting head of ICE, Todd Lyons, approved the use of Paragon's spyware by Homeland Security Investigations (HSI) to combat the exploitation of encrypted p...
ShinyHunters alleges access to data from three breach paths: UNC6040, Salesforce Aura, and compromised AWS accounts, claiming over three million Salesforce r...
Researchers at watchTowr identified an authentication bypass (CVE-2026-2699) and a remote code execution flaw (CVE-2026-2701) within the Storage Zones Contro...
The future of the web belongs to the companies that can manage AI traffic without killing growth.
The breach was a result of a social engineering attack, where hackers tricked employees into granting system access.
The campaign leverages a newly-discovered phishing kit called VENOM.
Updates have been issued by Google to fix 21 vulnerabilities in its Chrome browser, including the actively exploited high-severity zero-day flaw, tracked as ...
North Dakota's Minot Water Treatment Plant, which serves roughly 80,000 people in Minot and surrounding communities, had its SCADA system impacted by a ranso...
Suspected Iran-linked hacktivist operation Nasir Security, also known as Nasir Resistance, has commenced exposing data allegedly pilfered following a months-...
Major Japanese multinational automaker Nissan has confirmed having its data compromised in a cyberattack against a third-party vendor earlier this year after...