IT Security Newsletter

IT Security Newsletter - 4/29/2026

Written by Cadre | Wed, Apr 29, 2026

Alleged Silk Typhoon hacker extradited to the United States to face charges

A man accused of working as a hacker for China's Ministry of State Security has been extradited to the USA from Italy, and faces - if found guilty - the prospect of decades behind bars. 34-year-old Xu Zewei arrived in Houston, Texas at the weekend after Italian authorities approved his extradition to the United States. At a federal court hearing on Monday, he pleaded not guilty, and is currently being held at the Federal Detention Center in Houston.

Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

It has been a bad six weeks for security firm Checkmarx. Over the past 40 days, it has been the victim of at least one supply-chain attack that delivered malware to customers on two separate occasions. Now it has been hit by a ransomware attack from prolific fame-seeking hackers. The streak of misfortunes started on March 19 with the supply-chain attack of Trivy, a widely used vulnerability scanner. The attackers behind the breach first breached the Trivy GitHub account.

Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak

Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations. Data breach tracker Have I Been Pwned (HIBP) confirmed the breach on April 27, with 8.2 million unique email addresses included in the dump alongside names, phone numbers, and physical addresses.

Video service Vimeo confirms Anodot breach exposed user data

Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company. The video platform says that the threat actor accessed email addresses for some of its customers, but most of the exposed information included technical data, video titles, and metadata. The Vimeo breach was claimed by the infamous extortion group ShinyHunters.

Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities

An analysis of software artifacts from a malicious cyberattack targeting the energy and utilities sector in Venezuela late last year revealed that the attack made significant use of living-off-the-land (LOTL) techniques, lacked a ransomware component, and assiduously identified and deleted critical data. The software used two batch scripts to coordinate the attack throughout the target's network, undermine system defenses, and hobble incident response.

30 ClawHub skills secretly turn AI agents into a crypto swarm

Thirty ClawHub skills published by a single author are silently co-opting AI agents and creating a mass cryptocurrency mining swarm - without any malware or user consent. Agentic AI security outfit Manifold's research lead Ax Sharma spotted the skills on ClawHub, a registry and marketplace for OpenClaw skills. A ClawHub user who goes by "imaflytok" published the skills, which have scored around 9,800 downloads.

Robinhood Vulnerability Exploited for Phishing Attacks

Investing and trading platform Robinhood has confirmed that cybercriminals exploited a vulnerability in its account creation process to send out legitimate-looking phishing emails. Many Robinhood users reported receiving suspicious emails over the weekend and an analysis revealed that they were sent out as part of a phishing campaign. According to the company, the emails came from 'noreply@robinhood.com' and had the subject line 'Your recent login to Robinhood'.

38 Vulnerabilities Found in OpenEMR Medical Software

Dozens of vulnerabilities, including critical issues that can be exploited to steal sensitive patient information, were discovered recently in the open source electronic medical records platform OpenEMR. OpenEMR, which is used worldwide by over 100,000 healthcare providers to store data on more than 200 million patients, was analyzed by the application security firm Aisle. The company's autonomous analyzer identified 39 issues, of which 38 have been assigned CVE identifiers.

  • ...in 1429, a military convoy led by Joan of Arc arrives in Orléans, France to relieve the six-month-long siege.
  • ...in 1951, professional racing driver Dale Earnhardt is born in Kannapolis, NC.
  • ...in 1970, actress Uma Thurman ("Kill Bill", "Dangerous Liaisons") is born in Boston, MA.
  • ...in 1980, English film director Alfred Hitchcock ("Psycho", "North by Northwest") dies in his home in Los Angeles, CA.