IT Security Newsletter - 4/11/2025
US lab testing provider exposed health data of 1.6 million people
Laboratory Services Cooperative (LSC) has released a statement informing the public that it suffered a data breach in which hackers stole sensitive information on roughly 1.6 million people from its systems. LSC is a Seattle-based nonprofit organization that provides centralized laboratory services to its member affiliates, including select Planned Parenthood centers. It plays a crucial role within its niche, supporting organizations providing reproductive health services across more than 35 U.S. states. READ MORE...
Ransomware attack cost IKEA operator in Eastern Europe $23 million
Fourlis Group, the operator of IKEA stores in Greece, Cyprus, Romania, and Bulgaria, has disclosed that the ransomware attack it suffered just before Black Friday, on November 27, 2024, caused losses estimated at €20 million ($22.8 million). The security incident became public on December 3, 2024, when the group admitted that the technical problems its IKEA online shops were facing were due to "malicious external action." READ MORE...
Vulnerability in OttoKit WordPress Plugin Exploited in the Wild
Threat actors are actively exploiting a vulnerability in the OttoKit WordPress plugin, leaving many websites potentially exposed to complete compromise, WordPress security firm Defiant warns. Formerly named SureTriggers, 'OttoKit: All-in-One Automation Platform' is a plugin that enables website administrators to automate tasks and connect applications, websites, and WordPress plugins. READ MORE...
China-based SMS Phishing Triad Pivots to Banks
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called "Smishing Triad" mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff. READ MORE...
iOS devices face twice the phishing attacks of Android
2024 brought about countless new cybersecurity challenges, including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from nation-states to individuals, are increasingly targeting mobile devices at the onset of their attacks to steal credentials and infiltrate the enterprise cloud, in a pathway known as the modern kill chain. More than ever, organizations of every size across every industry must view mobile targeting as a canary in the coal mine. READ MORE...
Ransomware Reaches A Record High, But Payouts Are Dwindling
Shed a tear, if you can, for the poor, misunderstood cybercriminals hard at work trying to earn a dishonest crust by infecting organisations with ransomware. Newly released research has revealed that the riches to be made from encrypting a company's data and demanding a ransom are not proving as easy to come by as they once were. Although the number of ransomware attacks is reported to have reached record-breaking heights, gangs' profits are thought to be plummeting. READ MORE...
Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs
Google is hosting dozens of extensions in its Chrome Web Store that perform suspicious actions on the more than 4 million devices that have installed them, actions their developers have taken pains to conceal. The extensions, which so far number at least 35, use the same code patterns, connect to some of the same servers, and require the same list of sensitive system permissions. READ MORE...
Zero-Day in CentreStack File-Sharing Platform Under Attack
A critical zero-day vulnerability in a file-sharing platform widely used by managed services providers (MSPs) has been under exploitation since March. The vulnerability, tracked as CVE-2025-30406, is a deserialization flaw in Gladinet's CentreStack, an enterprise file-sharing platform. According to both the CVE.org and National Vulnerability Database (NVD) entries, the flaw was publicly disclosed on April 3, after exploitation had already begun in March. READ MORE...
- ...in 1921, the first radio sports broadcast airs, giving listeners blow-by-blow commentary for a 10-round boxing match in Pittsburgh.
- ...in 1961, folk singer Bob Dylan performs in New York City for the first time, opening for John Lee Hooker.
- ...in 1968, President Johnson signs the 1968 Civil Rights Act, providing for equal housing opportunities regardless of race, religion, or national origin.
- ...in 1970, Apollo 13 is launched. Two days later, an equipment malfunction forces the crew to make emergency repairs and ultimately scrubs their planned Moon landing.