Three cybersecurity researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase,…
A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware…
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control…
Misconfigured Firebase instances leaked 19 million plaintext passwords
Three cybersecurity researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase,…
New AcidPour data wiper targets Linux x86 network devices
A new destructive malware named AcidPour was spotted in the wild, featuring data-wiper functionality and targeting Linux x86 IoT and…
NHS Breach, HSE Bug Expose Healthcare Data in the British Isles
Whoopsies in Ireland and Scotland speak to a tenuousness of cyber protections for sensitive private healthcare data.
StopCrypt: Most widely distributed ransomware now evades detection
A new variant of StopCrypt ransomware (aka STOP) was spotted in the wild, employing a multi-stage execution process that involves…
StopCrypt: Most widely distributed ransomware evolves to evade detection
A new variant of StopCrypt ransomware (aka STOP) was spotted in the wild, employing a multi-stage execution process that involves…
Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware
Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300…
Magnet Goblin hackers use 1-day flaws to drop custom Linux malware
A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware…
The Week in Ransomware – March 8th 2024 – Waiting for the BlackCat rebrand
We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical…
New WogRAT malware abuses online notepad service to store malware
A new malware dubbed 'WogRAT' targets both Windows and Linux in attacks abusing an online notepad platform named 'aNotepad' as…
Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control…