Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks. [...]

The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns. [...]

A cybercriminal using the name "salfetka" claims to be selling the source code of INC Ransom, a ransomware-as-a-service (RaaS) operation launched in August 2023. [...]

Enlarge (credit: Getty Images) Federal agencies, health care associations, and security researchers are warning that a ransomware group tracked under the name Black Basta is ravaging critical infrastructure sectors in attacks that have targeted more than 500 organizations in the past two years. One of the latest casualties of …

AWS IAM Identity Center is the preferred way to provide workforce access to Amazon Web Services (AWS) accounts, and enables you to provide workforce access to many AWS managed applications, such as Amazon Q Developer (Formerly known as Code Whisperer). As we continue to release more AWS managed applications …

AWS IAM Identity Center is the preferred way to provide workforce access to Amazon Web Services (AWS) accounts, and enables you to provide workforce access to many AWS managed applications, such as Amazon Q. As we continue to release more AWS managed applications, customers have told us they want …

Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign. [...]

Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. [...]

The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel. [...]

Firstmac Limited is warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm. [...]

Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website. [...]

​CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024. [...]

​Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data. [...]

After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the name of LockBitSupp, the operator of the LockBit ransomware operation. [...]

The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using an partner portal API they accessed as a fake company. [...]

Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday. [...]

Enlarge (credit: Getty Images ) Google has updated its Chrome browser to patch a high-severity zero-day vulnerability that allows attackers to execute malicious code on end user devices. The fix marks the fifth time this year the company has updated the browser to protect users from an existing malicious exploit …

​The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization's systems on Christmas Eve. [...]

​Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability exploited in the wild since the start of the year. [...]

Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS. [...]

Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week. [...]

Project management platform Monday.com has removed its "Share Update" feature after threat actors abused it in phishing attacks. [...]

Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. [...]

Enlarge (credit: Getty ) For years, Dell customers have been on the receiving end of scam calls from people claiming to be part of the computer maker’s support team. The scammers call from a valid Dell phone number, know the customer's name and address, and use information that should …

AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service. [...]