'No impact on safety,' FAA tells The Reg update Hawaiian Airlines said a "cybersecurity incident" affected some of its IT systems, but noted that flights are operating as scheduled. At least one researcher believes Scattered Spider, which previously targeted retailers and insurance companies, could be to blame.... [...]
Pro tip: Don't use your personal email account on BreachForums The notorious data thief known as IntelBroker allegedly broke into computer systems belonging to more than 40 victims worldwide and stole their data, costing them at least $25 million in damages, according to newly unsealed court documents that also …
Charming Kitten unsheathes its claws and tries to catch credentials The cyber-ops arm of Iran's Islamic Revolutionary Guard Corps has started a spear-phishing campaign intent on stealing credentials from Israeli journalists, cybersecurity experts, and computer science professors from leading Israeli universities.... [...]
Two emergency patches issued in two weeks Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued an emergency patch for yet another super-serious flaw in the same products …
It's meant to cut down on false positives but could be a trove for mischief-makers Ring doorbells and cameras are using AI to "learn the routines of your residence," via a new feature called Video Descriptions.... [...]
Why are you even reading this story? Patch now! Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active exploitation …
A good reminder not to download apps from non-vendor sites Unknown miscreants are distributing a fake SonicWall app to steal users' VPN credentials.... [...]
Chinese crew built 1,000+ device network that runs on home devices then targets critical infrastructure A stealthy, ongoing campaign to gain long-term access to networks bears all the markings of intrusions conducted by China’s ‘Typhoon’ crews and has infected at least 1,000 devices, primarily in the …
Plus 'low-level' hacktivist attempts The US Department of Homeland Security has warned American businesses to guard their networks against Iranian government-sponsored cyberattacks along with "low-level" digital intrusions by pro-Iran hacktivists.... [...]
Don’t trust mystery digits popping up in your search bar Scammers are hijacking the search results of people needing 24/7 support from Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal in an attempt to trick victims into handing over personal or financial info, according to …
If it looks like a duck and walks like a duck... Aflac is the latest insurance company to disclose a security breach following a string of others earlier this week, all of which appear to be part of Scattered Spider's most recent data theft campaign.... [...]
Phishing, Python and RATs, oh my A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.... [...]
Infostealers posing as popular cheat tools are cropping up on GitHub Trojanized Minecraft cheat tools hosted on GitHub have secretly installed stealers that siphon credentials, crypto wallets, and other sensitive data when executed by players.... [...]
New MCP server was shut down for nearly two weeks Asana has fixed a bug in its Model Context Protocol (MCP) server that could have allowed users to view other organizations' data, and the experimental feature is back up and running after nearly two weeks of downtime to fix …
Meanwhile, next-gen script kiddies are levelling up faster thanks to agentic AI Interview Iran's state-sponsored cyber operatives and hacktivists have all increased their activities since the military conflict with Israel erupted last week – but not necessarily in the way that Amazon chief information security officer CJ Moses expected.... [...]
Plus adds a ton more security capabilities for cloud customers at re:Inforce Amazon Web Services hit a major multi-factor authentication milestone, achieving 100 percent MFA enforcement for root users across all types of AWS accounts.... [...]
Google threat analysts warn the team behind the Marks & Spencer break-in has moved on Cyber-crime crew Scattered Spider has infected US insurance companies following a series of ransomware attacks against American and British retailers, according to Google, which urged this sector to be on "high alert."... [...]
The group has previously threatened to SWAT cancer patients and leaked pre-op plastic surgery photos An extortion gang claims to have breached Freedman HealthCare, a data and analytics firm whose customers include state agencies, health providers, and insurance companies, and is threatening to dump tens of thousands of sensitive …
With Tehran’s military weakened, digital retaliation likely, experts tell The Reg The current Israel–Iran military conflict is taking place in the era of hybrid war, where cyberattacks amplify and assist missiles and troops, and is being waged between two countries with very capable destructive cyber weapons.... [...]
Some trace back to an outfit under US export controls for alleged PLA links Both Apple's and Google's online stores offer free virtual private network (VPN) apps owned by Chinese companies, according to researchers at the Tech Transparency Project, and they don't make this fact readily known to people …
Good news: The vendor patched the flaw in January. Bad news: Not everyone got the memo Ransomware criminals infected a utility billing software providers' customers, and in some cases disrupted services, after exploiting unpatched versions of SimpleHelp’s remote monitoring and management (RMM) tool, according to a Thursday CISA …
'BrowserVenom' is pure poison Suspected cybercriminals have created a fake installer for Chinese AI model DeepSeek-R1 and loaded it with previously unknown malware called "BrowserVenom".... [...]
FIN6 moves from point-of-sale compromise to phishing recruiters In a scam that flips the script on fake IT worker schemes, cybercriminals posing as job seekers on LinkedIn and Indeed are targeting recruiters - a group hated only slightly less than digital crooks - with malware hosted on phony resume portfolio sites …
The botnet’s still alive and evolving Badbox 2.0, the botnet that infected millions of smart TV boxes and connected devices before private security researchers and law enforcement partially disrupted its infrastructure, is readying for a third round of fraud and digital attacks, according to one of the …
Also axes secure software mandates - optional is the new secure, apparently President Donald Trump late Friday signed a cybersecurity-focused executive order that, in the White House's words, "amends problematic elements of Obama and Biden-era Executive Orders."... [...]