Student Loan Breach Exposes 2.5M Records
2.5 million people were affected, in a breach that could spell more trouble down the line.
2.5 million people were affected, in a breach that could spell more trouble down the line.
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.
Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.
In March, a North Korean APT siphoned blockchain gaming platform Axie Infinity of $540M.
A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.
Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents.
The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.
Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.
An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers.
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.
The usual tax-season barrage of cybercriminal activity is already underway with a phishing campaign impersonating the popular accounting and tax-filing software.
In a display of 2FA's fallibility, unauthorized transactions approved without users' authentication bled 483 accounts of funds.
The information-disclosure issue, affecting Macs, iPhones and iPads, allows a snooping website to find out information about other tabs a user might have open.
Here’s what cybersecurity watchers want infosec pros to know heading into 2022.
Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges.
E-commerce's proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards and snapping up coveted gifts for outrageously priced resale.
Millions of texts leading to the Flubot spyware/banking trojan are targeting everyone who uses Androids in the country, in an “exceptional” attack.
Cyberattackers had unfettered access to the technology giant's file server for four months.
The kingpin domain registrar has logged its fifth cyber-incident since 2018, after an attacker with a compromised password stole email addresses, SSH keys and database logins.
