Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. [...]

Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information. [...]

Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited. [...]

A set of critical vulnerabilities dubbed 'ShellTorch' in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed servers, some of which belong to large organizations. [...]

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks. [...]

A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from the Indeed employment website for job listings. [...]

Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. [...]

Arm in a security advisory today is warning of an actively exploited vulnerability affecting the widely-used Mali GPU drivers. [...]

The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer data, including the details of 150 credit cards. [...]

A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today. [...]

Cloudflare's Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls. [...]

Sebastien Raoult, a 22-year-old from France, has pleaded guilty in the U.S. District Court of Seattle to conspiracy to commit wire fraud and aggravated identity theft as part of his activities in the ShinyHunters hacking group. [...]

Many Discord users attempting to access the popular instant messaging and VoIP social platform today have been met with a scary "Sorry, you have been blocked" message. [...]

The North Korean 'Lazarus' hacking group targeted employees of an aerospace company located in Spain with fake job opportunities to hack into the corporate network using a previously unknown 'LightlessCan' backdoor. [...]

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware. [...]

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. [...]

A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor. [...]

A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software developers on the platforms. [...]

A joint cybersecurity advisory by the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police) sheds light on the techniques the Chinese threat actors known as BlackTech use to attack Japanese and U.S. organizations. [...]

Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages. [...]

Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from developers. [...]

Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned by security tools in Microsoft Outlook. [...]

A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor malware. [...]

Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. [...]

Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families in attacks over the past year. [...]