Hawaiian Airlines discloses cyberattack, flights not affected
Hawaiian Airlines, the tenth-largest commercial airline in the United States, is investigating a cyberattack that has disrupted access to some of its systems.
FTC approves $126 million in Fortnite refunds over ‘dark patterns’
The Federal Trade Commission (FTC) has approved $126,000,000 in refunds to be sent to 969,173 Fortnite players as part of a settlement over allegations that Epic Games tricked users into making unwanted purchases.
Scam compounds labeled a 'living nightmare' as Cambodian government accused of turning a blind eye
Amnesty International said it identified dozens of scam compounds in Cambodia, calling the government's response to the nexus of cybercrime and human trafficking "grossly inadequate."
Brother printer bug in 689 models exposes default admin passwords
A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers.
Ex-student charged over hacking university for cheap parking, data breaches
New South Wales police in Australia have arrested a 27-year-old former Western Sydney University (WSU) student for allegedly hacking into the University's systems on multiple occasions, starting with a scheme to obtain cheaper parking.
Cisco warns of max severity RCE flaws in Identity Services Engine
Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC).
3 key takeaways from the Scattered Spider attacks on insurance firms
Identity is the new battleground—and Scattered Spider exploits it. Join Push Security to unpack how identity-based attacks are reshaping the threat landscape, and how to defend against MFA bypass, help desk scams, and more. Watch the webinar now.
Man pleads guilty to hacking networks to pitch security services
A Kansas City man has pleaded guilty to hacking multiple organizations to advertise his cybersecurity services, the U.S. Department of Justice announced on Wednesday.
Microsoft 365 'Direct Send' abused to send phishing as internal users
An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email security and steal credentials.
Why Do Organizations Migrate to the Public Cloud? | CSA
Why do organizations migrate to the public cloud? It may sound like a simple question in 2025, but there’s complexity to it. Hint: It isn’t about cost anymore.