Latest News

US and British cybersecurity officials have issued a warning about an emerging surge of cyber-intrusions targeting the MOVEit file transfer software. MOVEit is widely used by corporations to securely exchange highly sensitive data, making it a valuable target for cybercriminals. The breaches have

A novel phishing technique known as "File Archiver in the Browser'' could leverage .ZIP domains to deceive users into opening malicious files. Google recently introduced the option to register .ZIP and .MOV domains, which sparked debates about potential cybersecurity risks as these are the same as

Microsoft has agreed to pay $20 million to the Federal Trade Commission (FTC) to settle charges regarding the improper collection and storage of childrens’ data via Xbox Live. The FTC alleged that the tech giant collected childrens’ data without their parent’s consent. In some cases, this data was

A cybersecurity firm, CloudSEK, has discovered many apps infected with SpinOk malware on the Google Play store after an extensive investigation. Their research team identified 193 infected apps, 43 of which were still active on the Google Play Store within the past week. The SpinOk Malware was

A global Magecart attack has wreaked havoc on numerous eCommerce websites, compromising thousands of customers' personal data and credit card information. The sophisticated cybercriminal group responsible for the attack has been injecting malicious scripts into legitimate websites, including

Amazon has agreed to pay a combined $30.8 million to settle privacy allegations brought forth by the Federal Trade Commission (FTC). The lawsuit revolved around privacy lapses related to Amazon's Ring doorbell units and its Alexa assistant. Of the total settlement amount, $5.8 million will be paid

A team of researchers from Varonis Threat Labs recently made a significant discovery regarding certain Salesforce sites. These sites, known as Salesforce Ghost Sites, were once active sites that were left unattended. By exploiting vulnerabilities in the host headers of these websites, malicious

Automattic, the company responsible for the open-source WordPress content management system, has initiated the mandatory installation of a security patch on numerous websites. This action aims to rectify a critical vulnerability found in the Jetpack plugin, which could potentially give a threat

Barracuda Networks, a prominent network and email security vendor, disclosed that a zero-day vulnerability in its Email Security Gateway (ESG) appliances had been exploited for an extended period, resulting in the theft of sensitive data. The vulnerability, tracked as CVE-2023-2868, remained

Cybersecurity researchers at Cisco Talos and the Citizen Lab have delved into the inner workings of the notorious Predator Android spyware, shedding light on its sophisticated surveillance capabilities. Developed by the Israeli company Intellexa (formerly known as Cytrox), Predator records phone