The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations in recent attacks. [...]

Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. [...]

Signal is finally tightening its desktop client's security by changing how it stores plain text encryption keys for the data store after downplaying the issue since 2018. [...]

Today is Microsoft's July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days. [...]

In an ongoing extortion campaign against Ticketmaster, threat actors have leaked almost 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, Phish, Tate McCrae, and Foo Fighters. [...]

E-commerce platform Shopify denies it suffered a data breach after a threat actor began selling customer data they claim was stolen from the company's network. [...]

Hackers have leaked what they claim is Ticketmaster barcode data for 166,000 Taylor Swift Eras Tour tickets, warning that more events would be leaked if a $2 million extortion demand is not paid. [...]

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. [...]

Fake IT support sites promote malicious PowerShell "fixes" for common Windows errors, like the 0x80070643 error, to infect devices with information-stealing malware. [...]

The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. [...]

Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people. [...]

RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week. [...]

The BlackSuit ransomware gang is behind CDK Global's massive IT outage and disruption to car dealerships across North America, according to multiple sources familiar with the matter. [...]

The Los Angeles Unified School District has confirmed a data breach after threat actors stole student and employee data by breaching the company's Snowflake account. [...]

The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned twelve Kaspersky Lab executives for operating in the technology sector of Russia. [...]

UnitedHealth has confirmed for the first time what types of medical and patient data were stolen in the massive Change Healthcare ransomware attack, stating that data breach notifications will be mailed in July. [...]

Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software. [...]

A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. [...]

Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in an previous cyberattack. [...]

Forklift manufacturer Crown Equipment confirmed today that it suffered a cyberattack earlier this month that disrupted manufacturing at its plants. [...]

Advance Auto Parts has confirmed it suffered a data breach after a threat actor attempted to sell stolen data on a hacking forum earlier this month. [...]

Car dealership software-as-a-service provider CDK Global was hit by a massive cyberattack, causing the company to shut down its systems and leaving clients unable to operate their business normally. [...]

The Kraken crypto exchange disclosed today that alleged security researchers exploited a zero-day website bug to steal $3 million in cryptocurrency and then refused to return the funds. [...]

AMD is investigating whether it suffered a cyberattack after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains AMD employee information, financial documents, and confidential information. [...]

A scathing report by Australia's Information Commissioner details how misconfigurations and missed alerts allowed a hacker to breach Medibank and steal data from over 9 million people. [...]