theft
-
Rockstar Games Data Breach: ShinyHunters Leaks 78.6 Million Records
Rockstar Games has suffered a significant data breach after the infamous threat group ShinyHunters leaked over 78.6 million internal records…
Read More » -
China-Linked APT41 Deploys Stealthy Linux Backdoor with SMTP Command-Control
Security researchers have uncovered a previously undocumented Linux backdoor attributed to China-linked APT41 (Winnti) group, actively targeting cloud workloads across…
Read More » -
Basic-Fit Data Breach Exposes Personal Data of 1 Million European Members
European fitness giant Basic-Fit has confirmed a major data breach compromising approximately 1 million member accounts across its operating regions.…
Read More » -
ClickFix, Malicious DMGs Push notnullOSX to macOS Users
Hackers are abusing ClickFix commands and booby-trapping DMG installers to deliver a new macOS stealer called notnullOSX, built to loot…
Read More » -
New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT
A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on…
Read More » -
China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes…
Read More » -
IBM Security Verify Access Flaws Let Remote Attackers Access Sensitive Data
IBM has issued an urgent security bulletin addressing a slew of vulnerabilities impacting IBM Verify Identity Access and IBM Security…
Read More » -
Cybercriminals Use Fake Zoom, Teams Calls to Deliver Malware
Hackers are increasinglyusing fake Zoom and Microsoft Teams meetings to trick victims into infecting their own systems with malware. SEAL…
Read More » -
Kubernetes Flaws Let Hackers Jump From Containers to Cloud Accounts
Hackers are increasingly abusing Kubernetes misconfigurations to jump from containers into high‑value cloud accounts, turning a single compromised pod into…
Read More » -
Windmill Developer Platform Flaws Expose Users to RCE Attacks, Proof-of-Concept Published
Cybersecurity researchers have discovered critical vulnerabilities in the Windmill developer platform and Nextcloud Flow, an integration embedding the Windmill engine.…
Read More » -
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential‑theft operation that has already compromised…
Read More » -
Tor-Backed ClickFix Campaign Drops Node.js RAT on Windows
Criminals are leveraging the “ClickFix” scheme, a deceptive tactic that dupes users into engaging with counterfeit CAPTCHA or verification screens.…
Read More » -
Microsoft Warns Storm-1175 Exploiting Web-Facing Flaws to Deploy Medusa Ransomware
Microsoft is warning that a fast‑moving threat actor it tracks as Storm-1175 is aggressively exploiting vulnerabilities in internet‑exposed systems to…
Read More » -
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns
North Korea’s cyber operations have evolved from a monolithic structure to a modular, portfolio-style ecosystem. This design ensures resilience, making…
Read More » -
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity…
Read More »