IT Security Newsletter

IT Security Newsletter - 2/4/2025

Written by Cadre | Tue, Feb 4, 2025

GrubHub data breach impacts customers, drivers, and merchants

Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its systems using a service provider account. "Our investigation found that the intrusion originated with an account belonging to a third-party service provider that provided support services to Grubhub," the company said on Monday.

Man charged with stealing $65 million by exploiting DeFi protocol vulnerabilities

A Canadian man has been indicted in federal court in New York for exploiting vulnerabilities in two decentralized finance (DeFi) protocols to fraudulently obtain about $65 million from the protocols' investors. According to court documents, from 2021 to 2023, Andean Medjedovic, 22, allegedly exploited vulnerabilities in the automated smart contracts used by the KyberSwap and Indexed Finance decentralized finance protocols.

AMD Patches CPU Vulnerability Found by Google

AMD on Monday announced patches for a microprocessor vulnerability that could lead to loss of Secure Encrypted Virtualization (SEV) protection, allowing attackers to load malicious microcode. Tracked as CVE-2024-56161 (CVSS score of 7.2), the bug is described as an improper signature verification in the microcode patch loader on the AMD CPU read-only memory.

Google fixes Android kernel zero-day exploited in attacks

The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. This high-severity zero-day (tracked as CVE-2024-53104) is a privilege escalation security flaw in the Android Kernel's USB Video Class driver that allows authenticated local threat actors to elevate privileges in low-complexity attacks.

Developers Targeted With Malware Disguised as DeepSeek Package

Threat researchers have come across two malicious Python packages offered as resources for integrating the Chinese AI model DeepSeek into software projects. The malicious packages, named 'deepseeek' and 'deepseekai', were uploaded to the Python Package Index (PyPI) package repository by a user named 'bvk' on January 29. The fake DeepSeek packages were detected in minutes by cybersecurity firm Positive Technologies and PyPI administrators removed them within an hour of their publishing.

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)

CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. Mark-of-the-Web (MotW) is a zone identifier used by the Windows operating system to flag files downloaded from the internet as potentially harmful.

Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'

Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make Russia's "SolarWinds adventures look amateurish and insignificant," watchTowr Labs security researchers have claimed. The researchers, in a report due out this morning, say they identified about 150 Amazon-hosted cloud storage buckets that were long gone yet applications and websites were still trying to pull software updates and other code from them.

  • ...in 1789, George Washington is unanimously elected the first president of the United States by the U.S. Electoral College.
  • ...in 1818, businessman Joshua Abraham Norton, who later proclaimed himself as "Norton I, Emperor of the United States" while living in San Francisco, is born in Kent, England.
  • ...in 1940, filmmaker George A. Romero, who directed the original 1968 "Night of the Living Dead" as well as other horror classics, is born in New York City.
  • ...in 1948, musician Vincent Furnier, AKA '70s rock icon Alice Cooper ("School's Out", "I'm Eighteen"), is born in Detroit, MI.