Comcast, the parent company of Xfinity, has confirmed a massive data breach impacting nearly 36 million customers following the exploitation of a critical vulnerability in Citrix software. The vulnerability, termed "CitrixBleed" and identified as CVE-2023-4966, was first announced by Citrix on
Latest News
A novel attack technique known as SMTP Smuggling has been discovered, allowing hackers to bypass traditional email authentication protocols and send spoofed emails from trusted domains. This technique, uncovered by Timo Longin, a senior security consultant at SEC Consult, exploits vulnerabilities
MongoDB, the US-based company behind the popular open-source NoSQL database management system, has reported a cyberattack that has exposed customer account metadata and contact information. The breach was detected on December 13, 2023, prompting MongoDB to initiate an immediate investigation into
The OLVX Marketplace, identified by ZeroFox researchers, is a new and growing underground market that offers a wide array of tools for helping threat actors succeed in online fraud and cyberattacks. This rise in cybercrime activity is especially concerning as it coincides with the busiest shopping
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that held 1.5 billion records containing real estate ownership data of millions of people, including celebrities, politicians, and even my own personal information. The database
Leading cybersecurity research firm ESET has recently discovered 18 Android loan apps which are scamming users, now known as the "SpyLoan" scandal. These apps, which have been downloaded over 12 million times from Google Play, have been deceiving users with the promise of quick and easy financial
Norton Healthcare, a Kentucky-based nonprofit healthcare system, confirmed a ransomware attack in May compromised the personal data of approximately 2.5 million patients and employees. The attack, which was first detected on May 9, allowed hackers to access certain network storage devices between
A security vulnerability named “AutoSpill” poses a threat to Android users who rely on password managers. It has been identified by researchers at the International Institute of Information Technology (IIIT) in Hyderabad, India. The vulnerability, presented at the Black Hat Europe security
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained just under 1 million records, which included information of a donor platform, including details of charitable organizations, and donors. The publicly exposed
In a landmark privacy move, Meta has announced the rollout of default end-to-end encryption for personal chats and calls on Messenger, marking a significant stride in digital privacy. As articulated by Loredana Crisan, Head of Messenger, this update ushers in a new era where user communications are