UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country. [...]

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models. [...]

Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week. [...]

Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware. [...]

A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023. [...]

Visa is warning about a spike in detections for a new version of the JsOutProx malware targeting financial institutions and their customers. [...]

Cancer treatment and research center City of Hope is warning that a data breach exposed the sensitive information of over 820,000 patients. [...]

Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations. [...]

Data breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users. [...]

A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin. [...]

AT&T is facing multiple class-action lawsuits following the company's admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. [...]

Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them. [...]

The Chinese 'Winnti' hacking group was found using a previously undocumented malware called UNAPIMON to let malicous processes run without being detected. [...]

Russia's Prosecutor General's Office has announced the indictment of six suspected "hacking group" members for using malware to steal credit card and payment information from foreign online stores. [...]

Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094. [...]

The Indian government says it rescued and repatriated 250 citizens who sought jobs in Cambodia, only to be forced into conducting cybercrime once they arrived. [...]

Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission (FTC), a figure that is three times higher than in 2020. [...]

Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. [...]

Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known as XDealer) that may have been operating since 2022. [...]

Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism. [...]

An infostealer malware campaign has reportedly collected millions of logins from users of various gaming websites, including players that use cheats, pay-to-cheat services. [...]

A vulnerability has been discovered in the 'util-linux' library that could allow unprivileged users to put arbitrary text on other users' terminals using the 'wall' command. [...]

The Python Package Index (PyPI) has temporarily suspended user registration and the creation of new projects to deal with an ongoing malware campaign. [...]

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. [...]

Researchers are warning that a notorious hacking group linked to Russia's Foreign Intelligence Service (SVR) is targeting political parties in Germany for the first time, shifting their focus away from the typical targeting of diplomatic missions. [...]