Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data.
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system.
Both CVE-2024-23108 and CVE-2024-23109 have been assigned provisional scores of 10 on the CVSS scale, suggesting exploits can be carried out remotely by unauthenticated attackers, are low in complexity, and require no user interaction to pull off.
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances.
A recent analysis by Fortinet's FortiGuard Labs has unveiled a sophisticated Python-based info-stealer distributed through a malicious Excel document. The attack exemplifies the innovative techniques cybercriminals employ to breach personal and organizational data.
Security researchers have sounded the alarm on a new cyberattack campaign using cracked copies of popular software products to distribute a backdoor to macOS users.
Commercial spyware vendors (CSV) were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group (TAG) discovered in 2023 and used to spy on devices worldwide.
Telecom firms linked to the UN-recognisedYemen government have said they fear Houthi rebels are planning to sabotage a network of submarine cables in the Red Sea critical to the functioning of the western internet and the transmission of financial data.
IT’S A DRAMATIC, messy era on the internet. Everything is changing rapidly. There’s broad dissatisfaction with the dominant search engine, and activists are worried about the privacy implications of increasingly intrusive online surveillance.