Internet Archive breached again through stolen access tokens
The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors…
Cisco takes DevHub portal offline after hacker publishes stolen data
Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked "non-public" data, but it…
New Mamba 2FA bypass service targets Microsoft 365 accounts
An emerging phishing-as-a-service (PhaaS) platform called Mamba 2FA has been observed targeting Microsoft 365 accounts in AiTM attacks using well-crafted…
LEGO’s website hacked to push cryptocurrency scam
On Friday night, cryptocurrency scammers briefly hacked the LEGO website to promote a fake Lego token that could be purchased…
Microsoft overhauls security for publishing Edge extensions
Microsoft has introduced an updated version of the "Publish API for Edge extension developers" that increases the security for developer accounts…
Millions of Kia Vehicles Open to Remote Hacks via License Plate
The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking…
Kia dealer portal flaw could let attackers hack millions of cars
A group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of…
Microsoft Trims Cloud Cyberattack Surface in Security Push
The company has jettisoned hundreds of thousands of unused apps and millions of unused tenants as part of its Secure…
FBI: Reported cryptocurrency losses reached $5.6 billion in 2023
The FBI says that 2023 was a record year for cryptocurrency fraud, with total losses exceeding $5.6 billion, based on…
GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines…