Threat actors abused an open redirect on the official website of the United Kingdom’s Department for Environment, Food & Rural Affairs (DEFRA) to direct visitors to...
Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall...
Threat actors are using a well-crafted Pokemon NFT card game website to distribute the NetSupport remote access tool and take control over victims’ devices. The website...
A developer has released a new tool for Go applications that is designed to combat web-based attacks. Developer and security engineer Dwi Siswanto revealed the open source teler-waf...
The U.S. Federal Communications Commission wants to strengthen federal law enforcement and modernize breach notification requirements for telecommunications companies so that they notify customers of security...
Researchers have found it surprisingly easy to upload malicious Visual Studio Code extensions to the VSCode Marketplace, and discovered signs of threat actors already exploiting this...
Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. Flying Blue is a...
American fast-food restaurant chain Chick-fil-A is investigating what it described as “suspicious activity” linked to some of its customers’ accounts. “We are investigating suspicious activity on some...
This week saw a lot of ransomware news, ranging from new extortion tactics, to a ransomware gang giving away a free decryptor after attacking a children’s...
A pre-authentication remote code execution (RCE) exploit has landed for popular web hosting platform Control Web Panel (CWP). The corresponding vulnerability in CWP 7 was patched and then...