Records reviewed by WIRED show law enforcement agencies are eager to take advantage of the data trails generated by a flood of new internet-connected vehicle features.
Security Latest – Read More
Government and telecommunications sectors in Southeast Asia have become the target of a “sophisticated” campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024.
The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage services for data exfiltration. The Philippines, Vietnam, Thailand, and Malaysia are among the
The Hacker News – Read More
Hundreds of companies are showcasing their products and services this week at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 – Pre-Event Announcements Summary (Part 3) appeared first on SecurityWeek.
SecurityWeek – Read More
MTN Group says the personal information of certain customers was compromised in a cybersecurity incident.
The post African Telecom Giant MTN Group Discloses Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a “critical patch” but deploy a backdoor instead.
WordPress security company Patchstack described the activity as sophisticated and a variant of another campaign observed in December 2023 that employed a fake CVE ploy to breach sites running
The Hacker News – Read More
Oregon’s environmental agency won’t say if a group of hackers stole data in a cyberattack that was first announced earlier this month.
The post Oregon Agency Won’t Say If Hackers Stole Data in Cyberattack appeared first on SecurityWeek.
SecurityWeek – Read More
Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access.
The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities –
CVE-2024-58136 (CVSS score: 9.0) – An improper protection of alternate path flaw in the Yii PHP
The Hacker News – Read More
4chan is partly back online after a hack took the infamous image-sharing site down for nearly two weeks. The site first went down on April 14, with the person responsible for the hack apparently leaking data including a list of moderators and “janitors” (one janitor told TechCrunch they were “confident” that the leaked data was […]
Security News | TechCrunch – Read More
Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year.
“The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors,” the Microsoft Threat Intelligence team said in an analysis.
The tech giant noted that
The Hacker News – Read More
Perhaps no one in the world has made such catastrophic tech flubs this year as U.S. Secretary of Defense Pete Hegseth. The saga started when the editor-in-chief of The Atlantic, Jeffrey Goldberg, reported that he had been mistakenly added to an unauthorized Signal group chat by U.S. National Security Advisor Michael Waltz, where numerous high-ranking […]
Security News | TechCrunch – Read More