Flights grounded as Russia’s largest airline Aeroflot hit by cyberattack
Zack Whittaker / techcrunch - Russian prosecutor said it opened a criminal investigation into the cyberattack targeting Aeroflot, the largest airline in Russia.
Back to Top / Monday, July 28, 2025, 9:21 am / permalink 11034 / 4 stories in 7 months
Dating safety app Tea breached, exposing 72,000 user images
Anthony Ha / techcrunch - Tea, an app that allows women to post anonymous comments about men they’ve supposedly dated, announced Friday that it has suffered a data breach, with hackers gaining access to 72,000 images.
Back to Top / Saturday, July 26, 2025, 12:20 pm / permalink 10982 / 2 stories in 7 months
Massive Microsoft SharePoint Zero-Day Hacking Campaign Appears to be Fueled by Leaked Patch Details
Markus Kasanmascheff / winbuzzer - A top security researcher claims the massive SharePoint zero-day attack was fueled by a leak from a Microsoft partner program, giving hackers a critical head start.The post Massive Microsoft SharePoint Zero-Day Hacking Campaign Appears to be Fueled by Lea…
Back to Top / Saturday, July 26, 2025, 8:20 am / permalink 10972 / 2 stories in 7 months
Amazon AI coding agent hacked to inject data wiping commands
Bill Toulas / bleepingcomputer - A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. [...]
Back to Top / Friday, July 25, 2025, 4:21 pm / permalink 10949 / 2 stories in 7 months
Tea App Breach Exposes 72,000 Selfies, ID Photos and Other User Images
Katie Collins / cnet - The images had been in a "legacy data system" that contained information from more than two years ago, the company says.
Back to Top / Friday, July 25, 2025, 2:21 pm / permalink 10939 / 7 stories in 7 months
New Koske Linux malware hides in cute panda images
Bill Toulas / bleepingcomputer - A new Linux malware named Koske may have been developed with artificial intelligence and is using seemingly benign JPEG images of panda bears to deploy malware directly into system memory. [...]
Back to Top / Thursday, July 24, 2025, 4:21 pm / permalink 10873 / 4 stories in 7 months
Compromised Amazon Q extension told AI to delete everything – and it shipped
Tim Anderson / theregister - Malicious actor reportedly sought to expose AWS 'security theater' The official Amazon Q extension for Visual Studio Code (VS Code) was compromised to include a prompt to wipe the user's home directory and delete all their AWS resources.…
Back to Top / Thursday, July 24, 2025, 10:21 am / permalink 10835 / 2 stories in 7 months
Hackers fooled Cognizant help desk, says Clorox in $380M cyberattack lawsuit
Bill Toulas / bleepingcomputer - Clorox is suing IT giant Cognizant for gross negligence, alleging it enabled a massive August 2023 cyberattack by resetting an employee's password for a hacker without first verifying their identity. [...]
Back to Top / Wednesday, July 23, 2025, 1:21 pm / permalink 10746 / 5 stories in 7 months
European authorities arrest alleged admin of notorious Russian crime forum XSS
Zack Whittaker / techcrunch - French authorities say they wiretapped a server used by the administrator to access their private messages, which revealed activities relating to cybercrime and ransomware attacks.
Back to Top / Wednesday, July 23, 2025, 11:21 am / permalink 10733 / 3 stories in 7 months
US nuclear weapons agency breached using Microsoft SharePoint hack
Steve Dent / engadget - The US government agency in charge of designing and maintaining nuclear weapons was among those breached by a hack of Microsoft's SharePoint server software, Bloomberg reported. However, attackers weren't able to obtain any sensitive or classified informa…
Back to Top / Wednesday, July 23, 2025, 8:21 am / permalink 10718 / 10 stories in 7 months
Apple Warned Iranian Dissidents Of iPhone Spyware Attack Months Before War Erupted
bgr - In the months leading up to Israel's recent attack on Iran, there was a concerted effort to hack iPhones of Iranians, but Apple alerts saved them.
Back to Top / Tuesday, July 22, 2025, 5:21 pm / permalink 10684 / 3 stories in 7 months
UK to ban public sector orgs from paying ransomware gangs
Sergiu Gatlan / bleepingcomputer - The United Kingdom's government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks. [...]
Back to Top / Tuesday, July 22, 2025, 9:21 am / permalink 10616 / 4 stories in 7 months
Seemplicity adds AI-powered features to streamline security remediation workflows
Duncan Riley / siliconangle - Security risk reduction and productivity platform provider Seemplicity Security Ltd. today announced major product updates, including three new AI-driven features — AI Insights, Detailed Remediation Steps and Smart Tagging and Scoping — aimed at helping e…
Back to Top / Tuesday, July 22, 2025, 8:20 am / permalink 10610 / 2 stories in 7 months
Mandiant: China-Linked Hackers Behind Recent Microsoft SharePoint Zero-Day Attacks
Markus Kasanmascheff / winbuzzer - Google's Mandiant links a China-nexus hacking group to attacks on a critical SharePoint zero-day (CVE-2025-53770), as Microsoft issues emergency patches.The post Mandiant: China-Linked Hackers Behind Recent Microsoft SharePoint Zero-Day Attacks appeared f…
Back to Top / Tuesday, July 22, 2025, 8:20 am / permalink 10608 / 13 stories in 7 months
UK Government and OpenAI Form Strategic Partnership for AI Security
The UK government has formalized a strategic partnership with OpenAI, ChatGPT’s maker, to enhance AI security research and development. This collaboration aims to bolster national technological prowess while tightening oversight in a rapidly evolving domain, prompting industry watchers to note the curious blend of bureaucracy and breakthrough in AI.
Back to Top / Monday, July 21, 2025, 7:20 pm / permalink 10588 / 2 stories in 7 months
Worldwide cyberattack underway as hackers exploit Microsoft SharePoint zero-day vulnerability
techspot - "Anybody who's got a hosted SharePoint server has got a problem," Adam Meyers, senior vice president with CrowdStrike, told The Washington Post. "It's a significant vulnerability."Read Entire Article
Back to Top / Monday, July 21, 2025, 9:20 am / permalink 10525 / 9 stories in 7 months
Explained: How Crypto Platform CoinDCX Lost Rs.368 Cr in a Hack
Prabhanu Kumar Das / medianama - The Rs368 crore loss from an internal operations account hack was absorbed through the treasury reserves of CoinDCX, but it raised questions about the need for crypto regulation in India.The post Explained: How Crypto Platform CoinDCX Lost Rs.368 Cr in a …
Back to Top / Monday, July 21, 2025, 9:20 am / permalink 10523 / 2 stories in 7 months
Four new Android spyware samples linked to Iran's intel agency
Jessica Lyons / theregister - Persians added snooping capabilities to DCHSpy after Israeli bombs fell Four new samples of Android spyware linked to the Iranian Ministry of Intelligence and Security (MOIS) that collects WhatsApp data, records audio and video, and hunts for files by nam…
Back to Top / Monday, July 21, 2025, 8:20 am / permalink 10517 / 4 stories in 7 months
Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack
Iain Thomson / theregister - PLUS: China upgrades smartphone surveillance tools; Ring eases anti-snooping stance; and more Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack – and th…
Back to Top / Sunday, July 20, 2025, 8:20 pm / permalink 10499 / 10 stories in 7 months
Japanese police release decryptor for Phobos ransomware after February takedown
therecord - Victims of Phobos ransomware and its 8Base offshoot now have access to a decryptor released by Japanese law enforcement and backed by the FBI and European officials.
Back to Top / Friday, July 18, 2025, 2:20 pm / permalink 10431 / 2 stories in 7 months