OAuth Attacks Target Microsoft 365, GitHub
In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites.
darkreading – Read More
ClickFix Attack Compromises 100+ Car Dealership Sites
The ClickFix attack tactic seems to be gaining traction among threat actors.
darkreading – Read More
GitHub restores code following malicious changes to tj-actions tool
GitHub was forced to take action this weekend to help users after a threat actor compromised a popular open source package used by more than 23,000 organizations.
The Record from Recorded Future News – Read More
Medusa Ransomware Strikes 300+ Targets: FBI & CISA Urge Immediate Action to #StopRansomware
Medusa ransomware now operates as a RaaS model, recruiting affiliates from criminal forums to launch attacks, encrypt data, and extort victims worldwide.
Security | TechRepublic – Read More
This slick Linux browser is like a tricked-out Opera – and it’s faster than Firefox
Looking for a web browser that is as cool looking as it is secure and private? Take a look at this fork of Floorp.
Latest stories for ZDNET in Security – Read More
ChatGPT Down as Users Report “Gateway Time-out” Error
ChatGPT Down: Users report “Gateway time-out” errors. OpenAI’s popular AI chatbot is experiencing widespread outages. Stay updated on the service disruption.
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – Read More
Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum
Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.
The post Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum appeared first on SecurityWeek.
SecurityWeek – Read More
Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit
The researchers who discovered the initial assault warned that the simple, staged attack is just the beginning for advanced exploit sequences that will test cyber defenses in new and more difficult ways.
darkreading – Read More
Texas man faces prison for activating ‘kill switch’ on former employer’s network
Software developer Davis Lu was found guilty of sabotaging the company’s systems.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
NIST Announces HQC as Fifth Standardized Post Quantum Algorithm
First choices for both KEMs and DSAs are already standardized, and organizations should not wait for the backups to be available before migrating to PQC.
The post NIST Announces HQC as Fifth Standardized Post Quantum Algorithm appeared first on SecurityWeek.
SecurityWeek – Read More