WestJet, Canada's second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach. "WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users," reads a security advisory on WestJet's site. "We have activated specialized internal teams in cooperation with law enforcement and Transport Canada to investigate the matter and limit impacts." READ MORE...
North Carolina eye care center Asheville Eye Associates (AEA) is notifying roughly 147,000 individuals that their personal information was stolen in a November 2024 data breach. The incident, the company says, was detected on November 18, after a threat actor gained access to its network and exfiltrated certain files from its systems. "We quickly engaged third-party specialists to assist us," the company informed the impacted individuals. READ MORE...
Ireland-based eyecare technology company Ocuco has informed the US Department of Health and Human Services that it has suffered a data breach impacting more than 240,000 individuals. Ocuco describes itself as the largest optical retail software company in the world, with its software and services being used at over 6,000 locations across 77 countries. The incident is likely related to a hacker attack involving the KillSec ransomware group. READ MORE...
Dutch police have announced that they have identified 126 individuals linked to the now dismantled Cracked.io cybercrime forum. Cracked.io was an online platform used by cybercriminals to trade stolen data, access to compromised accounts, hacking tools, and fraud tutorials. The forum was seized by international law enforcement agencies in January 2025 as part of "Operation Talent," which dismantled the site's infrastructure and seized its domain. READ MORE...
The Cybersecurity and Infrastructure Security Agency (CISA) is urging SimpleHelp customers to patch a known vulnerability following a wave of ransomware attacks targeting downstream customers. The critical path traversal vulnerability, tracked as CVE-2024-57727, affects SimpleHelp's Remote Monitoring and Management (RMM) tool versions 5.5.7 and earlier. If exploited, an unauthenticated attacker can download arbitrary files from the SimpleHelp host. READ MORE...
Bert is a recently-discovered strain of ransomware that encrypts victims' files and demands a payment for the decryption key .In recent weeks Bert has claimed to have stolen information from organisations around the world including a ticket company, a Turkish hospital, an American electronics firm, a Malaysian construction firm, a Columbian IT solutions business, and a Taiwanese company producing equipment for semiconductors. READ MORE...
A single threat has triggered an alarming rise in the abuse of TeamFiltration, an open source penetration-testing framework designed to compromise Microsoft Entra ID accounts. According to new research from Proofpoint, an active account takeover (ATO) campaign that was first observed in December has targeted 80,000 user accounts across approximately 100 cloud tenants. The campaign leverages the TeamFiltration framework to conduct enumeration and password-spraying attacks. READ MORE...
Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware. The campaign relies on a flaw in the Discord invitation system to leverage multi-stage infections that evade multiple antivirus engines. Researchers at cybersecurity company Check Point say that this is also true in the case of expired temporary invites or deleted permanent invitation links. READ MORE...
Vulnerabilities affecting the SinoTrack GPS tracking platform may allow attackers to keep tabs on vehicles' location and even perform actions such as disconnecting power to vehicles' fuel pump (if the tracker can interact with a car's system). The warning was issued by the Cybersecurity and Infrastructure Security Agency (CISA) last week, based on a report by security researcher Raúl Ignacio Cruz Jiménez, and the vulnerabilities have yet to be patched. READ MORE...