South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement adequate security measures, which facilitated unauthorized access and the exposure of data belonging to more than 5.5 million customers. All three brands are part of the Louis Vuitton Moët Hennessy (LVMH) group and suffered data breaches [1, 2, 3] after hackers gained access to their cloud-based customer management service. READ MORE...
Microsoft has warned users that threat actors are leveraging a new variant of the ClickFix technique to deliver malware. The ClickFix attack method has been increasingly used in the past year by both cybercriminals and state-sponsored threat groups. The attack involves attackers displaying a fake error message on a compromised or malicious site. The message instructs the target to address the issue by pressing specific keys, then performing additional steps (eg, running a command). READ MORE...
Ransomware attacks on the IT sector were higher in each quarter of 2025 than in the same quarters of 2024, with the sector ranking third behind manufacturing and commercial facilities on hackers' target lists, according to a new report from the Information Technology Information Sharing and Analysis Center. Nearly half of all ransomware attacks that the IT-ISAC tracked occurred in the U.S., far surpassing the totals in other countries. READ MORE...
The cyber domain has become increasingly important in national defense, with cyber espionage supporting military operations in regional conflicts and cyberattacks increasingly being used against defense firms and other members of the defense industrial base (DIB), experts say. In a recent analysis of cyberattack trends related to military operations and defense support, Google found that China-linked attackers have continued to aggressively target defense firms and military contractors. READ MORE...
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. The activity has been ongoing since at least May 2025 and is characterized by modularity, which allows the threat actor to quickly resume it in case of partial compromise. The bad actor relies on packages published on the npm and PyPi registries that act as downloaders for a remote access trojan (RAT). READ MORE...
Security researchers have discovered more than 300 Chrome extensions that leak browser data, spy on their users, or outright steal users' data. Research focused on the analysis of network traffic generated by Chrome extensions has uncovered 287 applications transmitting the user's browsing history or search engine results pages (SERP). Some of them, security researcher Q Continuum explains, would essentially expose the data to unsecured networks. READ MORE...
A critical vulnerability in BeyondTrust Remote Support is facing a surge in reconnaissance activity in preparation for more targeted exploitation, according to security researchers. The flaw, tracked as CVE-2026-1731, is an operating system command injection vulnerability that also impacts some older versions of the company's Privileged Remote Access products. If successfully exploited, an unauthenticated attacker can execute arbitrary commands on a server without credentials. READ MORE...
Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. Yet discussions around these attacks and their potential defenses are dangerously myopic. The dominant narrative focuses on "prompt injection," a set of techniques to embed instructions into inputs to LLM intended to perform malicious activity. This term suggests a simple, singular vulnerability. This framing obscures a more complex and dangerous reality. READ MORE...
Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being actively exploited, exposing unpatched businesses and government agencies to attack. The US Cybersecurity and Infrastructure Security Agency added CVE-2024-43468 to its Known Exploited Vulnerabilities catalog on Thursday, setting a March 5 deadline for federal agencies to deploy the patch. READ MORE...