Phishing attacks target countries aiding Ukrainian refugees
A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.
TrickBot malware operation shuts down, devs move to BazarBackdoor
The TrickBot malware operation has shut down after its core developers move to the Conti ransomware gang to focus development on the stealthy BazarBackdoor and Anchor malware families.
Ukraine links phishing targeting military to Belarusian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.
New data-wiping malware used in destructive attacks on Ukraine
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.
![[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code](https://rdl.ink/render/https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Fpublic%2Fstyle_images%2Fmaster%2Fmeta_image.png?width=92&height=&ar=&mode=&format=avif&dpr=2)
[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code
Hello, Its developer. It was decided to release keys to the public for Egregor, Maze, Sekhmet ransomware families. also there is a little bit harmless source code of polymorphic x86/x64 modular EPO file infector m0yv detected in the wild as Win64/Expiro virus, but it is not expiro actually, but AV engines detect it like this, so no single thing in common with...
Google Project Zero: Vendors are now quicker at fixing zero-days
Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year.
ASUS urges customers to patch critical router vulnerabilities
ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured.
Suspected LockBit ransomware affiliate arrested, charged in US
Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit ransomware on the networks of victims in the United States and abroad.
Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs
Today is Microsoft's June 2023 Patch Tuesday, with security updates for 78 flaws, including 38 remote code execution vulnerabilities.
Terminator antivirus killer is a vulnerable Windows driver in disguise
A threat actor known as Spyboy is promoting a Windows defense evasion tool called
New hacking forum leaks data of 478,000 RaidForums members
A database for the notorious RaidForums hacking forums has been leaked online, allowing threat actors and security researchers insight into the people who frequented the forum.
IT employee impersonates ransomware gang to extort employer
A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing his employer.
Apple fixes three new zero-days exploited to hack iPhones, Macs
Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads.
MalasLocker ransomware targets Zimbra servers, demands charity donation
A new ransomware operation is hacking Zimbra servers to steal emails and encrypt files. However, instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking.
Discord discloses data breach after support agent got hacked
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.
Toyota: Car location data of 2 million customers exposed for ten years
Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023.
Multinational tech firm ABB hit by Black Basta ransomware attack
Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting business operations.
Google Chrome emergency update fixes first zero-day of 2023
Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year.
Exploit available for critical bug in VM2 JavaScript sandbox library
Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that is used by multiple software to run code securely in a virtualized environment.
Western Digital discloses network breach, My Cloud service down
Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems. The California-based computer drive maker and provider of data storage services says in a press release that the network security incident was identified last Sunday, on March 26. An investigation is in early stages and the company is coordinating efforts with law enforcement authorities.
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor.
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.
Ransomware gang posts video of data stolen from Minneapolis schools
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.
Medusa ransomware gang picks up steam as it targets companies worldwide
A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands.
Stanford University discloses data breach affecting PhD applicants
Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023.
Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day
The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations.
GoDaddy: Hackers stole source code, installed malware in multi-year breach
Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack.
Bitwarden password vaults targeted in Google ads phishing attack
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware.