IT Security Newsletter - 3/18/2026
UK Companies House Exposed Details of Millions of Firms
A critical vulnerability has been found in a web application of Companies House, the government agency responsible for maintaining the public register of companies in the United Kingdom. According to Tax Policy Associates, the security hole was discovered by John Hewitt of Ghost Mail on March 12, but it existed for several months before a patch was rolled out. Hewitt found that any logged-in user could access other companies' accounts on the Companies House platform. READ MORE...
Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach
Newly uncovered evidence suggests that the recent cyberattack targeting US medical technology giant Stryker involved compromised credentials obtained via infostealer malware. The attack on Stryker, a major manufacturer of surgical equipment and orthopedic implants for hospitals worldwide, came to light on March 11, with the Iran-linked hacker group Handala immediately taking credit. Handala claimed to have wiped more than 200,000 devices. READ MORE...
SideWinder Espionage Campaign Expands Across Southeast Asia
Recent cyber-espionage activity attributed to the SideWinder threat group suggests that the India-linked operation has expanded across Southeast Asia, including Indonesia and Thailand, while continuing to rely on phishing, credential theft, and infrastructure churn to avoid detection. The group often uses a government-audit themed phishing attack to convince employees to open a link, and has consistently reused certain techniques allowing SideWinder to shift geographic targets. READ MORE...
Nordstrom's email system abused to send crypto scams to customers
Customers of upscale department store chain Nordstrom received fraudulent messages from a legitimate company email address that promoted cryptocurrency scams disguised as a St. Patrick's Day promotion. The emails promise recipients that any cryptocurrency amount they deposit to a specific wallet address over the next two hours will be doubled. "Send cryptocurrency to any of your unique deposit addresses below, and we'll send you right back 200% of the amount you sent," reads the fraudulent message. READ MORE...
More Attackers Are Logging In, Not Breaking In
Credential theft is now the primary way attackers gain initial access to enterprise networks, and the speed, scale, and sophistication with which they are weaponizing stolen credentials is outpacing the ability of defenders to block them. A new analysis of 2025 threat data by Recorded Future shows a startling increase in the volume of stolen credentials available in underground markets last year, suggesting accelerating attacks targeting usernames, passwords, etc. READ MORE...
Apple patches WebKit bug that could let sites access your data
Apple has released a Background Security Improvement to patch a flaw that could allow malicious websites to bypass browser protections and access data from other sites. The patched WebKit vulnerability is described as: "A cross-origin issue in the Navigation API was addressed with improved input validation." WebKit vulnerabilities refer to security flaws in Apple's web rendering engine, which powers Safari, Mail, and the App Store on iOS and macOS. READ MORE...
Inside a network of 20,000+ fake shops
We mapped a sprawling fake shop operation of over 20,000 domains, dozens of shared IP addresses and identical storefronts with different names pasted on top. They exist for one purpose: to steal your payment details and personal data. The thread that ties them all together is a browser tab title most people would never think twice about: "Unrivaled selection only for you." Fake shops are fraudulent websites designed to look and feel like legitimate online retailers. READ MORE...
North Korea's 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un
Researchers at IBM X-Force and Flare Research have uncovered data that sheds light on how North Korea's fake IT worker schemes operate and infiltrate companies in order to funnel money back to the regime and steal sensitive information. In a published report, "Inside the North Korean infiltrator threat," the pair detail evidence of the top-level infrastructure used to manage the operations, how workers apply for and secure IT roles, and mitigation strategies businesses can use. READ MORE...
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Researchers are warning about the risks posed by a low-cost device that can give insiders and hackers unusually broad powers in compromising networks. The devices, which typically sell for $30 to $100, are known as IP KVMs. Administrators often use them to remotely access machines on networks. The devices, not much bigger than a deck of cards, allow the machines to be accessed at the BIOS/UEFI level, the firmware that runs before the loading of the operating system. READ MORE...
New "Darksword" iOS exploit used in infostealer attack on iPhones
A new exploit kit and delivery framework for iOS devices, dubbed "Darksword," has been used to steal a wide range of personal information, including data from cryptocurrency wallet apps. Darksword targets iPhones running iOS 18.4 through 18.6.2 and is linked to the same, likely Russian, threat actor behind the Coruna exploit chain disclosed earlier this month, Lookout Threat Labs researchers say. READ MORE...
- ...in 1766, the British Parliament repeals the Stamp Act, removing the tax on printed materials produced in the American colonies.
- ...in 1850, American Express is founded by Henry Wells and William Fargo.
- ...in 1935, Parker Bros. bought the rights to Charles Darrow's version of Monopoly, nearly the same as the one still played today.
- ...in 1965, Soviet cosmonaut Alexey Leonov becomes the first person to walk in space, leaving his Voskhod 2 spacecraft for a full 12 minutes and nine seconds.







