Samsung confirms hackers stole Galaxy devices source code
Samsung Electronics confirmed on Monday that its network was breached and the hackers stole confidential information, including source code present in Galaxy smartphones.
Hackers leak 190GB of alleged Samsung data, source code
The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company.
Malware now using stolen NVIDIA code signing certificates
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they suffered a cyberattack that allowed threat actors to steal employee credentials and proprietary data.
Phishing attacks target countries aiding Ukrainian refugees
A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.
TrickBot malware operation shuts down, devs move to BazarBackdoor
The TrickBot malware operation has shut down after its core developers move to the Conti ransomware gang to focus development on the stealthy BazarBackdoor and Anchor malware families.
Ukraine links phishing targeting military to Belarusian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.
New data-wiping malware used in destructive attacks on Ukraine
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.
![[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code](https://rdl.ink/render/https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fmeta_image.png?width=92&height=&ar=&mode=&format=avif&dpr=2)
[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code
Hello, Its developer. It was decided to release keys to the public for Egregor, Maze, Sekhmet ransomware families. also there is a little bit harmless source code of polymorphic x86/x64 modular EPO file infector m0yv detected in the wild as Win64/Expiro virus, but it is not expiro actually, but AV engines detect it like this, so no single thing in common with...
Google Project Zero: Vendors are now quicker at fixing zero-days
Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year.
Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
Cloudflare is investigating an ongoing outage causing 'We're sorry
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.
Discord will switch to temporary file links to block malware delivery
Discord will switch to temporary file links for all users by the end of the year to block attackers from using its CDN (content delivery network) for hosting and pushing malware.
New macOS 'KandyKorn' malware targets cryptocurrency engineers
A new macOS malware dubbed 'KandyKorn' has been spotted in a campaign attributed to the North Korean Lazarus hacking group, targeting blockchain engineers of a cryptocurrency exchange platform. The attackers impersonate members of the cryptocurrency community on Discord channels to spread Python-based modules that trigger a multi-stage KandyKorn infection chain. Elastic Security discovered and attributed the attacks to Lazarus based on overlaps with past campaigns concerning the employed techniques, network infrastructure, code-signing certificates, and custom Lazarus detection rules.
Apple 'Find My' network can be abused to steal keylogged passwords
Apple's "Find My" location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards. The Find My network and application is designed to help users locate lost or misplaced Apple devices, including iPhones, iPads, Macs, Apple Watches, AirPods, and Apple Tags. The service relies on GPS and Bluetooth data crowd-sourced from millions of Apple devices worldwide to find devices reported as lost or stolen, even if those are offline.
New Microsoft Exchange zero-days allow RCE, data theft attacks
Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
Massive cybercrime URL shortening service uncovered via DNS data
A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected.
Atlassian warns of critical Confluence flaw leading to data loss
Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful exploitation.
HackerOne paid ethical hackers over $300 million in bug bounties
HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception.
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability.
Cisco discloses new IOS XE zero-day exploited to deploy malware implant
Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.
D-Link confirms data breach after employee phishing attack
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month.
Ukrainian activists hack Trigona ransomware gang, wipe servers
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available.
Ragnar Locker ransomware’s dark web extortion sites seized by police
The Ragnar Locker ransomware operation's Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation.
Hackers exploit critical flaw in WordPress Royal Elementor plugin
A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.
Genetics firm 23andMe says user data stolen in credential stuffing attack
23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.
Sony confirms data breach impacting thousands in the U.S.
Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.
Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers
Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.
Cisco urges admins to fix IOS software zero-day exploited in attacks
Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild.
Apple emergency updates fix 3 new zero-days exploited in attacks
Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.