The FBI Atlanta Field Office and Indonesian authorities have dismantled the "W3LL" global phishing platform, seizing infrastructure and arresting the alleged developer in what is described as the first coordinated enforcement action between the United States and Indonesia targeting a phishing kit developer. The W3ll Store was a phishing kit and online marketplace that enabled cybercriminals to steal thousands of credentials and attempt more than $20 million in fraud.
"Unauthorized third parties may have been able to access certain booking information associated with your reservation," email alerts sent out by Booking.com over the weekend warn. The online travel agency did not say which system(s) were accessed by the unauthorized third parties, nor did it explain the scope of the incident. They only said that they "recently noticed suspicious activity affecting a number of reservations."
Imagine getting asked to do something by a person in authority. An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official and used pages hosted on Google.com to steal developers' credentials and take over their systems. Open Source Security Foundation (OpenSSF) CTO Christopher Robinson told The Register that the social engineering campaign specifically targets two projects hosted by the Linux Foundation.
The notorious Chinese threat group APT41 is using an undetectable backdoor malware to target Linux-based cloud workloads to steal credentials from Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Alibaba Cloud environments. The backdoor attributed to APT41 uses SMTP port 25 as a covert command-and-control (C2) channel to make its activity "invisible to conventional scanning tools like Shodan and Censys," according to a recent report from Breakglass Intelligence.
Adobe patched an arbitrary code execution vulnerability in the latest versions of its Acrobat and Reader for Windows and macOS, nearly four months after an attacker first appeared to have begun exploiting it. The high-severity vulnerability, tracked as CVE-2026-34621, has a CVSS score of 8.6 and stems from a combination of improper input validation and unsafe handling of object attributes. The flaw was initially assigned a CVSS score of 9.6, but Adobe later revised it.
If you tried to download software from CPUID's website late last week, you might have downloaded malware instead. "Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display malicious links (our signed original files were not compromised)," Samuel Demeulemeester, a contributor to CPUID, stated on Friday, and apologized to affected users.
A new infostealer dubbed Omnistealer is turning the blockchain into a permanent malware hosting platform, which is bad news for both companies and everyday users. It's pretty common for malware to store its payload on a public platform, ideally one that adds some trustworthiness to the download location, like Google Docs, OneDrive, GitHub, npm, PyPI, and so on. The problem for malware peddlers is that these can be taken down. It can sometimes take a while and a lot of trouble, but it's possible.
The internet is full of claims that Microsoft's LinkedIn is scanning users' computers to fingerprint and profile LinkedIn users. Most people in the cybersecurity industry have now heard of BrowserGate. Fewer people will understand it. But in a search for 'BrowserGate' on Chrome, Edge or Safari (as of today), the top return will be a page that reads in bold, "LinkedIn Is Illegally Searching Your Computer".
A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm or its size when checking Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. Researchers warn that an attacker could exploit the issue to force a target device or application to accept forged certificates for malicious servers or connections. wolfSSL is a lightweight TLS/SSL implementation written in C.
I've been teaching college Earth science courses as a part-time faculty member for a long time now, all while juggling other jobs. I started because it was enjoyable, no one gets into this line of work for the famously poor pay or complete lack of job security. Working with students is just one of those genuinely fulfilling experiences that is addictive enough that they ought to warn people about it. But thanks to generative AI, it has become mostly miserable, at least in certain settings.