Canadian Authorities Arrest Attacker Who Stole Snowflake Data
The suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.
Google Cloud to make MFA mandatory by the end of 2025
Google has announced that multi-factor authentication (MFA) will be mandatory on all Cloud accounts by the end of 2025 to…
Google fixes two Android zero-days used in targeted attacks
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51…
APT36 Refines Tools in Attacks on Indian Targets
The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more…
Booking.com Phishers May Leave You With Reservations
A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This…
OpenAI’s new ChatGPT Search Chrome extension feels like a search hijacker
OpenAI's new "ChatGPT search" Chrome extension feels like nothing more than a typical search hijacker, changing Chrome's settings so your address…
Why Did Snowflake Have a Target on It? Handling Data Warehouse Security Risks
In early June, the Ticketmaster breach brought widespread attention to the fact that Snowflake accounts did not require multi-factor authentication…
China’s ‘Evasive Panda’ APT Debuts High-End Cloud Hijacking
A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info…
New tool bypasses Google Chrome’s new cookie encryption system
A researcher has released a tool to bypass Google's new App-Bound encryption cookie-theft defenses and extract saved credentials from the…
Lazarus Group Exploits Chrome Zero-Day in Latest Campaign
The North Korean actor is going after cryptocurrency investors worldwide leveraging a genuine-looking game site and AI-generated content and images.