BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key

/in

BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support SaaS instances by making use of a compromised API key.
The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local application passwords. The breach was first flagged

The Hacker News – ​Read More

Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists

/in

Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members.
The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.
In a statement to The Guardian, the encrypted messaging app said it has reached

The Hacker News – ​Read More

Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts

/in

Cybersecurity researchers have discovered a malvertising campaign that’s targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials.
“These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft’s advertising platform,” Jérôme Segura, senior

The Hacker News – ​Read More

DeepSeek Jailbreak Reveals Its Entire System Prompt

/in

Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI.

darkreading – ​Read More

DoJ Shutters Cybercrime Forums Behind Attacks on 17M Americans

/in

The “Cracked” and “Nulled” Dark Web sites are now offline, along with the Pakistani “Saim Raza” network of underground forums (aka HeartSender).

darkreading – ​Read More

Community Health Center Data Breach Affects 1M Patients

/in

The CHC remains operational, but a host of personal data is now in the hands of a “skilled cybercriminal,” it said.

darkreading – ​Read More

AI-Generated Content: How Cybercriminals Are Using It for Phishing Scams

/in

AI-generated content is empowering even novice hackers to elevate phishing attacks, enabling highly personalized and convincing scams targeting…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Deepseek’s AI model proves easy to jailbreak – and worse

/in

In one security firm’s test, the chatbot alluded to using OpenAI’s training data.

Latest stories for ZDNET in Security – ​Read More

State Data Privacy Regulators Are Coming. What Story Will You Tell Them?

/in

Regulators are ready to enforce new state data privacy laws. Here’s how experts say organizations can stay compliant and avoid penalties.

darkreading – ​Read More

Regional healthcare systems report data breaches affecting more than 1.5 million

/in

Connecticut’s Community Health Center Inc. and California’s NorthBay Healthcare Corporation reported intrusions that exposed the data of hundreds of thousands of patients.

The Record from Recorded Future News – ​Read More