Comcast’s Xfinity Breach Exposes Data of 35.8 Million Users
Comcast confirms a massive security breach impacting its Xfinity division. Nearly 36 million customers of the world’s largest telecom provider were exposed as the result of CitrixBleed exploitation. The Breach…
Mr. Cooper’s Data Breach Affects Millions
Hackers have infiltrated the secure databases of Mr. Cooper, a prominent mortgage and loan company, resulting in a massive data breach. Over 14.6 million customers have been affected, making it…
ALPHV Site Taken Down by the FBI
On December 19, 2023, one of the ALPHV/BlackCat ransomware sites was taken down by the FBI. The typical FBI banner now decorates its main, while other sites of the cybercrime…
Kinsta Alerts About Phishing Campaign on Google Ads
Kinsta, a prominent WordPress hosting provider, has issued a warning to its customers regarding a concerning new trend in cyberattacks. Cybercriminals are now leveraging Google Search Ads to promote phishing…
JetBrains Vulnerability Exploited by CozyBear Hackers
JetBrain’s TeamCity servers became a target to a Russian-backed attacker CozyBear. Using a vulnerability discovered back in March 2023, hackers were able to execute arbitrary code without any authorization. TeamCity…
QakBot is Back With a New Email Spam Campaign
Qakbot appears to be back online after the network destruction in the Operation Duck Hunt. Microsoft Threat Intelligence team reports about a new, low-volume email spam campaign that spreads the…
KraftHeinz Hacked by Snatch Ransomware Gang
The global food and beverage company KraftHeinz became a target of an infamous Snatch ransomware gang. Hackers listed the company on its Darknet leak site. This is yet another hack…
Kyivstar, Ukraine’s Biggest Cell Carrier, Hacked
On Tuesday, December 12, 2023, Ukraine’s largest cellular operator Kyivstar got its network infrastructure ruined. This is a result of a hack that was most likely executed by a Russian…
New Apache Struts 2 Vulnerability Allows for RCE
A newly discovered critical security flaw in Apache Struts 2, a widely used open-source web application framework, has spurred an urgent call for users to patch their systems. The flaw,…
Malicious Loan Apps in Play Store Decieved 12M Users
Eighteen malicious loan apps on the Google Play Store, posing as legitimate financial services, have scammed users. They offer high-interest-rate loans while harvesting their personal and financial data for malicious…
PoolParty Injection Techniques Circumvent EDR Solutions
A set of process injection techniques, named PoolParty, was presented at the Black Hat Europe 2023 conference. A set of 8 tricks allows to force running any malicious code, and…
WordPress Critical Vulnerability Fixed in Patch 6.4.2
WordPress has rolled out version 6.4.2, addressing a critical remote code execution (RCE) vulnerability. Discovered by the project’s security team, the vulnerability could potentially be exploited by threat actors to…
