Daily News - Março (16/03 - 22/03)

Information & Cyber Security, Privacy and Hacking News --- Daily Updates !! Weekly Resume...

22/03

A Windows phishing campaign made its way to Mac – here’s how to protect your data

Alleged Data Breach of Empik.com Exposes 24.7 Million User Records

Alleged Leak of 160K U.S. Reshipping Site User Records

Attack Update As FBI Warns Email And VPN Users—Activate 2FA Now

Baidu executive’s daughter leaks personal info, company denies data breach

Cloudflare now blocks all unencrypted traffic to its API endpoints

Costa Rica government's Youtube account suffers cyber attack

Costa Rican President's YouTube Regains Control After Cyber Attack

Exploiting Critical Authenticated Bypass Vulnerabilities to Gain Admin Access on GitLab

FBI Warning As iPhone, Android Users ‘Bombarded’ By Chinese Attack

Largest U.S. Sperm Bank Suffers Data Breach Exposing Personal Information

Microsoft Trust Signing service abused to code-sign malware

New PayPal Scam Uses Real Emails—Here’s How to Avoid It

Oracle Denies Breach Amid Hacker’s Claim of Access to 6 Million Records

TH3 EL1T3 GHOST Targeted the Website of Frumi

U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe

VMware Vulnerabilities Exploited Actively to Bypass Security Controls & Deploy Ransomware

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

21/03

5 ransomware threats facing the financial sector – and 5 ways to respond

10 Critical Network Pentest Findings IT Teams Overlook

11 hottest IT security certs for higher pay today

53% of security teams lack continuous and up-to-date visibility

62% of businesses risk missing new PCI DSS Phishing compliance deadline by failing to implement DMARC

A single RTX 4090 managed to brute force crack an Akira ransomware attack in just 7 days

AI will make ransomware even more dangerous

AI-powered phishing attacks rose sharply in the last 6 months

Albabat Ransomware Attacking Windows, Linux & macOS by Leveraging GitHub

Albabat Ransomware Evolves to Target Linux and macOS

Apple Faces Federal Lawsuit Over Delayed Apple Intelligence Features

Arete's Annual Crimeware Report Analyzes Ransomware and Extortion Data from 2024

Attackers Use Fake CAPTCHAs to Deploy Lumma Stealer RAT

Beware of scammers posing as ANZ representatives targeting law firms

Caido v0.47.0 Released – Burp Suite Alternative Web Pentesting Tool Brings New Features

CERT-UA Warns of Escalating Cyberattacks Targeting Ukraine’s Defense Sector with DarkCrystal RAT

Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft

Child’s play – major US toy manufacturer allegedly hacked by Clop

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families

Chinese FishMonger APT Operated by I‑SOON Attacking Government Entities & NGOs

CISA Releases Five Industrial Control Systems Advisories Covering Vulnerabilities & Exploits

Cisco smart licensing system sees critical security flaws exploited

Cisco Smart Licensing Utility flaws actively exploited in the wild

Cloudflare to Close All HTTP Ports for APIs, Enforces HTTPS Connection

Cybercriminals Exploit CheckPoint Antivirus Driver in Malicious Campaign

DeepSeek mania inspires multiple scam campaigns

DOGE access to Social Security Administration data blocked by Federal Court

Fake Meta support agent will steal your passwords

Fake Semrush ads used to steal SEO professionals’ Google accounts

Former Michigan Coach Indicted for Hacking Athlete Databases Across 100+ Colleges

Google Maps yanks over 10,000 fake business listings - how to spot the scam

Hackers Are Actively Exploiting Apache Tomcat Servers – Patch Now!

Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities

Hackers Exploiting Checkpoint’s Driver in BYOVD Attack to Bypass Windows Security

Hellcat Ransomware Group Hacked Ascom Technical Ticketing System

How Security Professionals Can Prepare for the CISO Role

Infosys Agrees to $17.5 Million Settlement Following 2023 Data Breach

It's time to update Chrome ASAP - again! - to fix this critical flaw

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Links to the “free” TradingView version hide crypto-stealing malware on Reddit

Malicious ads target Semrush users to steal Google account credentials

Massive Keenetic data leak uncovered: 1M households could be exposed

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

MEDUSA Ransomware Using Malicious ABYSSWORKER Driver to Disable EDR

Microsoft: Exchange Online bug mistakenly quarantines user emails

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)

New Attacks Exploit Year-Old ServiceNow Flaws – Israel Hit Hardest

North Korea unveils new military unit targeting AI attacks

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Phishing campaign shifts focus to Macs after browsers enhance security on Windows

Popular AI tools tricked to create malware for Chrome browser

Qilin ransomware attack shut Cleveland Municipal Court for over three weeks

RansomHub affiliate uses custom backdoor Betruger

Rooting Android invites hackers: up to 3,000 times more vulnerable

Scammers cash in on tax season

Spain's ruling coalition split over defence spending as EU leaders push for increases

Steam pulls game demo infecting Windows with info-stealing malware

Telecom giant Orange refutes hacker group's claim of 4.5TB data theft

The hidden risk in SaaS: Why companies need a digital identity exit strategy

The UK releases timeline for migration to post-quantum cryptography

These phishing attacks are now targeting Mac browsers - how to protect yourself

This top WordPress plugin could be hiding a worrying security flaw, so be on your guard

Threat Actors Leveraging Reddit Posts To Actively Spread AMOS and Lumma Stealers

UAT-5918 Hackers Exploiting Exposed Web and Application Servers N-Day Vulnerabilities

UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools

UK Sets Timeline for Quantum-Resistant Encryption Transition

US government warns agencies to make sure their backups are safe from NAKIVO security issue

US removes sanctions against Tornado Cash crypto mixer

VanHelsing Ransomware Attacking Windows Systems With New Evasion Technique & File Extension

Veeam urges users to patch security issues which could allow backup hacks

Where Is Computer Vision Essential Today? Insights from Alltegrio's CEO

20/03

5 pitfalls that can delay cyber incident response and recovery

70% of leaked secrets remain active two years later

Apache Tomcat RCE vulnerability: ‘Patch, but there’s no need to panic’

Babuk Ransomware Group Claims Attack on Telecommunication Firm Orange

Babuk2 Ransomware Issuing Fake Extortion Demands With Data from Old Breaches

Better update now – a critical security flaw found in Apache Tomcat

Beware Tax Payers! Scammers Taking Advantage of Tax Season as Filing Deadline Draws Near

Britain has 10 years to prepare for encryption-breaking quantum cyberattacks

California sperm bank says cyber attack compromised patients' data

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

ChatGPT just made you a criminal – with zero evidence

China's Baidu denies data breach after executive's daughter leaks personal info

Chinese military-linked companies dominate US digital supply chain

Chinese “Salt Typhoon” Hackers Exploit Exchange Vulnerabilities to Target Organizations

CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

CISA Alerts on Edimax IP Camera OS Command Injection Exploit

CISA Warns of Edimax IP Camera OS Command Injection Vulnerability Exploited in Attacks

CISA Warns of NAKIVO Backup Flaw Exploited in Attacks with PoC Released

CISA Warns of SAP NetWeaver Directory Traversal Vulnerability Exploited in Attacks

Critical Cisco Smart Licensing Utility flaws now exploited in attacks

Critical Veeam Backup & Replication Vulnerability Allows Remote Execution of Malicious Code

Cybercrime karma: Babuk 2 ransomware steals from fellow crooks, makes fraudulent claims

Cybersecurity in shipping and logistics: Small budgets, big risk

Cybersecurity job market faces disruptions: Hiring declines in key roles amid automation and outsourcing

Dark Crystal trojan targets Ukrainians via Signal messages

Dragon RaaS Leading ‘Five Families’ Crimeware With New Initial Access & Exploitation Methods

FishMonger APT Group Linked to I-SOON in Espionage Campaigns

GitHub Action supply chain attack exposed secrets in 218 repos

Hackers Exploiting Multiple Cisco Smart Licensing Utility Vulnerability

HellCat hackers go on a worldwide Jira hacking spree

Home Affairs to bolster security with secure service edge

How healthcare CISOs can balance security and accessibility without compromising care

How Threat Hunters Enrich Indicators With Context

How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model

IBM AIX Vulnerability Let Attackers Execute Arbitrary Commands

Is it time to retire 'one-off' pen tests for continuous testing?

Israeli Spyware Graphite Targeted WhatsApp with 0-Click Exploit

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates

Kali Linux 2025.1a Released: New Tools and Desktop Environment Upgrades

Kaseya unveils AI tools to boost MSP efficiency & security

Linux Kernel Vulnerability Allows Attackers to Escalate Privileges via Out-of-Bounds Write

Microsoft Attributes Recent Outage of Outlook Web to Code Error in Recent Update

Microsoft lifts Windows 11 upgrade block after Asphalt 8 crash fix

Multiple Dell Secure Connect Gateway Flaws Allows System Compromise

NCSC Sets 2035 Deadline for Post-Quantum Cryptography Migration

New custom malware Betruger backdoor used to carry out ransomware attacks

New Steganographic Malware Exploits JPEG Files to Distribute Infostealers

North Korean IT Workers Exploiting GitHub to Attack Organizations Worldwide

Over Half a Million Hit by Pennsylvania Schools Union Breach

Paragon Spyware Exploited WhatsApp Zero-day Vulnerability to Attack High-value Targets

Pennsylvania State Education Association breach impacted over 500,000 educators

Prominent spyware firm SpyX breached, exposing Apple users

RansomHub Affiliate Deploying New Custom Backdoor Dubbed ‘Betruger’ For Persistence

RansomHub affiliate leverages multi-function Betruger backdoor

RansomHub ransomware uses new Betruger ‘multi-function’ backdoor

Rooted Androids 3,000x More Likely to Be Breached, Even iPhones Not Safe

Rooted Devices 250 Times More Vulnerable to Compromise

Rooted (Jailbroken) Mobile Devices 3.5 Times More Vulnerable to Cyber Attacks

Signal Messenger Exploited in Targeted Attacks on Defense Industry Employees

Signal Messenger Leveraged for Targeted Attacks on Employees of Defense Industry

Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data

SpyX Data Breach Exposes Personal Information of Nearly 2 Million Users

The National Anti-Scam Centre has warned more than 100 potential Australian crypto-scam victims

Top 10 secrets iOS apps leak without you knowing

Trump Administration’s FTC Shake-Up Could Weaken Privacy Oversight

UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate

UK Police Arrest 422 in Major Fraud Crackdown

UK urges critical orgs to adopt quantum cryptography by 2035

U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog

User reveals safety feature for going on a run: “At least your loved ones can have peace”

Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems

Veeam patches critical 9.9 flaw in backup and replication product

Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Increases by 130%

We can – and must – do better recovering from ransomware attacks

WhatsApp fixed zero-day flaw used to deploy Paragon Graphite spyware

Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers

WordPress security plugin WP Ghost vulnerable to remote code execution bug

YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users

19/03

5 Identity Threat Detection & Response Must-Haves for Super SaaS Security

41% of Success Logins Across Websites Involves Compromised Passwords

752,000 Browser Phishing Attacks Mark 140% Increase YoY

A worrying Apple Password App vulnerability reportedlyleft users exposed for months

Advanced Cyber Attack Exploits Booking Websites to Deploy LummaStealer Malware

AI Crypto Bot AIXBT Loses $106,200 in ETH Through Dashboard Breach

Alleged Data Breach of Mexican Citizen Information Exposed 1.8M Records

An unpatched Windows zero-day flaw has been exploited by 11 nation-state attackers

ANY.RUN's New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis

APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)

Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla

Attackers Embedding Malicious Word file into a PDF to Evade Detections

Beware of Fake Coinbase Migration Messages Aimed to Steal Your Wallet Credentials

Beware of Fake GitHub “Security Alerts” Let Hackers Hijack Your Account Login Credentials

Billions of credentials were stolen from businesses around the world in 2024

Brian Cox to Discuss Quantum Computing's Impact at Infosecurity Europe 2025

California Cryobank, the largest US sperm bank, disclosed a data breach

Card collectors' secrets spilled in massive Collectibles.com leak

CERT NZ Warns of Critical Apache Tomcat Vulnerability (CVE-2025-24813) Under Active Exploitation

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise

CISA Warns of Exploited GitHub Action CVE-2025-30066 – Users Urged to Patch

CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability Exploited in Wild

CISA Warns of Supply-Chain Attack Targeting Widely-Used GitHub Action Vulnerability

ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers

Click Profit blocked by the FTC over alleged e-commerce scams

Cloudflare Launches Cloudforce One Threat Platform to Analyze IoCs, IP, Hashes & Domains

Companhia de Serviços de Água, Esgoto e Resíduos de Guaratinguetá (SAEG) informa: conta do Instagram segue bloqueada devido a invasão hacker

Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems

Critical Synology Vulnerability Let Attackers Remote Execute Arbitrary Code

Cybercriminals upgrade Tycoon 2FA phishing kit as Phaas attacks surge

DCCOM and SAFC4DC: A Strategic Move to Secure Singapore’s Digital Backbone

Dependency-Check: Open-source Software Composition Analysis (SCA) tool

DOGE’s cost-cutting database dives offer cybersecurity pros vital lessons in cloud security

Dutch intelligence agencies are secretly collecting more information

Europol Warns of “Shadow Alliance” Between States and Criminals

Fake DeepSeek installers are infecting your device with dangerous malware

FBI alerta empresas para ataque hacker que sequestra dados sensíveis

Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns

Fraudulent Android apps displaying intrusive ads downloaded 60 million times on Google Play

Gartner Warns Agentic AI Will Accelerate Account Takeovers

GitHub Action bug allows supply chain attack; added to CISA list

Google’s $32B Wiz deal ends the era of ‘security theater’

Hackers Abuse Cobalt Strike, SQLMap & Other Tools to Target Organizations’ Web Applications

Hackers exploram falha no PHP para espalhar Quasar RAT e XMRig

Hacker Weaponizing Hard Disk Image Files To Deliver VenomRAT

Hackers Abuse Cobalt Strike, SQLMap & Other Tools to Target Organizations’ Web Applications

Hackers Allegedly Selling Firewall Access to Canon Inc on Hacking Forums

Hackers are now going after crypto AI bots as well

Hackers claim Orange attack, threaten to leak 1TB of data

Hackers claim they’ve breached Orange and have “very detailed” information

Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners

Hackers hide malware in link files, but Microsoft refuses to fix the flaw

Hackers Leveraging Azure App Proxy Pre-authentication to Access Orgs Private Network Resources

Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks

How ‘Agentic AI’ will drive the future of malware

How CISOs are approaching staffing diversity with DEI initiatives under pressure

Leaked Black Basta Chats Suggest Russian Officials Aided Leader's Escape from Armenia

Linux Foundation's trust scorecards aim to battle rising open-source security threats

Knocknoc Raises Seed Funding to Scale Its Just-In-Time Network Access Control Technology

Major US teacher's union breach exposed 500k members' to hackers

Malware campaign 'DollyWay' breached 20,000 WordPress sites

Microsoft to End Support for Windows 10, No More Security Updates!

Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing – PoC Released

MirrorFace Hackers Customized AsyncRAT Execution Chain to Run Within Windows Sandbox

Millions of Android TV boxes disconnected from hackers, but the risk remains

Moving beyond checkbox security for true resilience

New AI Jailbreak Technique Bypasses Security Measures to Write Malware for Google Chrome

Not even fairy tales are safe - researchers weaponise bedtime stories to jailbreak AI chatbots and create malware

PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems

Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK

Report: The State of Secrets Sprawl 2025

Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks

Site da Força Aérea Brasileira está fora do ar; hacker assume ataque

Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge

Sophisticated Attack Via Booking Websites Installs LummaStealer Malware

That breach cost HOW MUCH? How CISOs can talk effectively about a cyber incident’s toll

These 10 weak passwords can leave you vulnerable to remote desktop attacks

These malicious Android apps were installed over 60 million times - here's how to stay safe

Threat Actor Claims to Have 2M Stolen Credit Card Records

Threat Actor Sells Alleged South African and Angolan Government Emails

Threat Actors Exploiting Chrome DLL Side-Loading Vulnerability to Execute Malware

Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads

Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation

Threat Actors Stolen Over 3.2 Billion Login Credentials & Infected 23 Million Devices Worldwide

Top California sperm bank suffers embarrassing leak

U.S. CISA adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog

US Sperm Donor Giant California Cryobank Hacked – Customers Personal Data Exposed

VPN Vulnerabilities Emerges As The Key Tool for Threat Actors to Attack Organizations

Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen

WhatsApp patched zero-click flaw exploited in Paragon spyware attacks

Why it's time for phishing prevention to move beyond email

Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups

18/03

1 in 3 security leaders say AI will make ransomware a greater threat

Ascom affected by cyber attack

BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse

Bitdefender reveals grim milestone in ransomware history

BlackBasta Ransomware Ties to Russian Authorities Uncovered

Blockchain gaming platform WEMIX hacked to steal $6.1 million

Bucks Council reports data breach on planning site

China identifies Taiwanese hackers allegedly behind cyberattacks and espionage

China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation

CISOs Lack Visibility Into Flaws, Fear Ransomware the Most

Data Breach Allegedly Hits PTS News Website, Millions of Records Claimed Stolen

DeepSeek created Chrome infostealer without hesitation, company remains silent

Extortion Reboot: Ransomware Crew Threatens Leak to Snowden

Fake DeepSeek AI Installers, Websites, and Apps Spreading Malware

FBI: Free file converter sites and tools deliver malware

Flashpoint report highlights rising cyberthreats, with infostealers and ransomware leading the way

Fortinet firewall bugs are being targeted by LockBit ransomware hackers

Google to acquire Wiz for $32 billion

Hackers know half of passwords entered online, Cloudflare finds

Hackers target AI and crypto as software supply chain risks grow

How a researcher with no malware-coding skills tricked AI into creating Chrome infostealers

How AI agents help hackers steal your confidential data - and what to do about it

How AI and automation are reshaping security leadership

How financial institutions can minimize their attack surface

How to guard against a vicious Medusa ransomware attack - before it's too late

Inside A Cyberattack: How Hackers Steal Data

Large-Scale Malicious App Campaign Bypassing Android Security

Lloyds Bank accidentally leaks customer data, dozens affected

Medusa ransomware: CISA issues email security warning

Medusa Ransomware Surge: 60 Victims in 3 Months—Are You Next?

Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets

New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads

New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

New Report Highlights Common Passwords in RDP Attacks

New 'Rules File Backdoor' Attack Lets Hackers Inject Malicious Code via AI Code Editors

New trojan can spy, steal crypto and mask itself to avoid detection

Orange purportedly compromised by Babuk ransomware gang

Over 16.8 Billion Records Exposed as Data Breaches Increase 6%

Over 320K Medicare applications exposed, revealing patients’ health data

“Pay me or I tell Snowden:” are cybercriminals getting more desperate?

PF investiga hacker que deu golpe bancário em diversos países

“Phishing attacks and data breaches biggest threats for consumers”

Plump Spider, o grupo hacker que ataca brasileiros com golpes sofisticados

RansomHub using FakeUpdates scheme to attack government sector

Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers

Sperm donation giant California Cryobank warns of a data breach

Stealthy StilachiRAT steals data, may enable lateral movement

Take These Steps Now to Protect Your Data From Medusa Ransomware

The rise of DAST 2.0 in 2025

Third of UK Supply Chain Relies on “Chinese Military” Companies

Threat Actor Claims Access to UAE Power Company’s Network

Threat Actor Claims to Possess 10GB of Stolen Login Credentials

Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017

U.S. Agencies Warn on Medusa Ransomware

Western Alliance Bank notifies 21,899 customers of data breach

You have 4 days to update Firefox before everything breaks

17/03

£1M Lost as UK Social Media and Email Account Hacks Skyrocket

5 clever ways to use Chromecast on your TV (including one for smart home enthusiasts)

7 misconceptions about the CISO role

23,000 GitHub Repositories Targeted In Supply Chain Attack

Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code

AI development pipeline attacks expand CISOs’ software supply chain risk

AI Operator Agents Assisting Hackers To Write Malicious Code

Akira ransomware decryption method uses GPUs to brute force keys

All your Alexa recordings will go to the cloud soon, as Amazon sunsets Echo privacy

Alleged Sale of 1-Day Remote Code Execution (RCE) Exploit Targeting Microsoft Windows

Android Malware Mimic As DeepSeek To Steal Users Login Credentials

“Anti-shift worker elitist device:” Oura Ring disappoints users after messing up activity tracking

Apache Tomcat flaw actively exploited; could allow ‘devastating’ RCE

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

Apple Adds RCS End-to-End Encryption for Sending Text Messages Using iPhone

Attackers use CSS to create evasive phishing messages

Beware of Free File Word To PDF Converter That Delivers Malware

BlackLock Ransomware Hacked 40+ Organization Within Two Months

Brydens Lawyers investigating cyber incident that compromised client data

CERT-In Flags Critical Security Flaws in Google Chrome—Users Urged to Update

ChatGPT Down as Users Report “Gateway Time-out” Error

Chinese Volt Typhoon Hackers Exploiting Cisco & NetGear Routers To Compromise Organizations

Cloudflare Introduces E2E Post-Quantum Cryptography Protections

Critical RCE flaw in Apache Tomcat actively exploited in attacks

Custom vs. Off-the-shelf Educational Software

Customers of “China‘s Amazon” had their passwords stolen, hackers say

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions

CyberJund Defaced the Website of Prof. Yoav Talmi

Diplomat Targeted the Website of Ibercaja

Espressif Systems Vulnerabilities Let Attackers Execute Arbitrary Code

European Cyber Report 2025: 137% more DDoS attacks than last year – what companies need to know

FBI warns Gmail, Outlook, and VPN users as Medusa ransomware attacks escalate

Fog ransomware group claims a major data theft from radiology firm UDMI's systems

GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

GitHub project maintainers targeted with fake security alert

Hacker quebra criptografia do ransomware Akira usando GPUs GeForce RTX 4090

Hackers claim major Chinese online shopping platform Taobao

Hackers claim they’ve breached Orange and have “very detailed” information

Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week

Hackers exploit fake audio issues to spread malware in virtual meetings

Hackers Exploiting CSS to Evade Spam Filters & Track User Actions

Hackers Exploiting TP-Link Vulnerability to Gain Root Access

Here’s how to win the ransomware battle

Infosys reaches $17.5 million settlement over cybersecurity lawsuits

IntelMQ: Open-source tool for collecting and processing security feeds

Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials

Kentico Xperience CMS Authentication Bypass Vulnerability Allow Attackers Execute Arbitrary Code Remotely

Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos

Manage Engine Analytics Vulnerability Allows User Account Takeover

MassJacker Clipper Malware Attacking Users Installing Pirated Software

Microsoft 365 environments exploited in business email attacks

Microsoft: New RAT malware used for crypto theft, reconnaissance

Millions Of RSA Key Exposes Serious Flaws That Can Be Exploited

National Highways CSO Talks Novel Solutions to Cybersecurity in the Public Sector

New C++ Based IIS Malware With Numerous Functionalities Mimics cmd.exe To Stay Undetected

New Steganographic Malware Attack via JPG File Delivers Multiple Password Stealing Malwares

OKX suspends DEX aggregator after Lazarus hackers try to launder funds

Over 120,000 patients impacted in Florida hospital data breach

Pay, fight, or stall? The dilemma of ransomware negotiations

Presidente do México denuncia invasão hacker em celular e e-mail

Proactive Cybersecurity – Staying Ahead of Threats with a Preventive Approach

Researcher Criticizes Microsoft Over Video Requirement for Bug Reports

Researcher releases free GPU-Based decryptor for Linux Akira ransomware

Researchers Confirm BlackLock as Eldorado Rebrand

Researchers Hacked Into Commercial Trucks & Buses To Unlock Remotely

Scammers Pose as Cl0p Ransomware to Send Fake Extortion Letters

Security Database Aims to Empower Non-Profits

Site do aeroporto de Guarulhos sai do ar após ataque hacker

SocGholish Leveraging Compromised Websites To Deploy RansomHub Ransomware

Sperm bank California Cryobank confirms data breach

StilachiRAT Exploits Chrome for Crypto Wallets and Credentials

Supply chain attack on popular GitHub Action exposes CI/CD secrets

Tech firms must start protecting UK users from illegal content

Telegram CEO Returns to Dubai Amid French Investigation Continues

Temu's sister company allegedly hit by ransomware, 700M users at risk

TFE hotels group suffers severe operational disruption following a cyber attack

Tj-actions Supply Chain Attack Exposes 23,000 Organizations

Tomcat Vulnerability Exploited in the Wild to Take Over Apache Tomcat Servers

TwoNet Targeted the Website of HM Sanchinarro

UK's Online Safety Act: Ofcom Can Now Issue Sanctions

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

US Legislators Demand Transparency in Apple's UK Backdoor Court Fight

Zoom Team Chat Decrypted to Uncover User Activities

Wazuh Open Source SIEM Vulnerability Allows Malicious Code Execution Remotely

Why SharpRhino Malware is Leaving Victims Thunderstruck

16/03

A hacker threatens to sell the bank data of millions of free subscribers

A ransomware attack hit the Micronesian state of Yap, causing the health system network to go down

AI and the Dark Art of Social Engineering

Akira ransomware can be cracked with sixteen RTX 4090 GPUs in around ten hours — new counterattack breaks encryption

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

FBI Warning—Gmail, Outlook And VPN Users Need To Act Now

Follow these 5 steps to protect your NAS against ransomware and keep your data safe

Hacker invade site da Associação Mariliense de Transporte Urbano (AMTU), e coloca propagando de jogo de cassino online

How hackers take over WhatsApp accounts and ways to stop them

Israeli-Russian hacker extradited to US over global ransomware attacks

Lazarus, grupo hacker da Coreia do Norte, acumula mais Bitcoin que Butão e El Salvador

LockBit Developer Rostislav Panev Extradited from Israel to the US

Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts

Medusa Ransomware cyberattacks grow as FBI issues warning. How to stay protected

Seven members of voice phishing group arrested after fleeing to South Korea

SlowMist Uncovers Sneaky LinkedIn Phishing Scam Draining Crypto Wallets

Daily News - Março (16/03 - 22/03) - 12 Semana de 2025

Information & Cyber Security, Privacy and Hacking News --- Daily Updates !! Weekly Resume...

22/03

21/03

20/03

19/03

18/03

17/03

16/03

Semana Anterior

Daily News - Fevereiro (09/03 - 15/03) - 11 Semana de 2025

Posts recentes

Commentaires

Procurar por Tags

Pelo Mundo Afora...