Cloudflare recently blocked yet another record-breaking distributed denial-of-service (DDoS) attack, which peaked at 7.3 terabits per second (Tbps). Previous record-breaking DDoS attacks seen by Cloudflare reached 5.6 Tbps and 6.5 Tbps. Cybersecurity blogger Brian Krebs reported last month that his website had been targeted in a 6.3 Tbps attack. The 7.3 Tbps DDoS attack, seen by Cloudflare in mid-May, lasted only 45 seconds and it was aimed at a hosting provider. READ MORE...
News broke today about "one of the largest data breaches in history," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to just be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. To be clear, this is not a new data breach, or a breach at all, and the websites involved were not recently compromised to steal these credentials. READ MORE...
Oxford City Council (UK) says a cyberattack earlier this month resulted in 21 years of data being compromised. It said "some historic data on legacy systems" was accessed by unauthorized attackers, namely the personal information of people who worked on council-administered elections between 2001 and 2022. The majority of those affected are thought to be either current or former council officers, and the authority assured the public that the incident was limited in scope. READ MORE...
The Israel-linked hacker group known as Predatory Sparrow has carried out some of the most disruptive and destructive cyberattacks in history, twice disabling thousands of gas station payment systems across Iran and once even setting a steel mill in the country on fire. Now, in the midst of a new war unfolding between the two countries, they appear to be bent on burning Iran's financial system. READ MORE...
Meta-owned WhatsApp told SecurityWeek that a recent FreeType vulnerability, flagged as potentially exploited at the time of disclosure, has been linked to an exploit of Israeli surveillance solutions provider Paragon. In mid-March, Meta published an advisory on the Facebook security advisories page to inform users about CVE-2025-27363, an out-of-bounds vulnerability in the FreeType open source library that could lead to arbitrary code execution. READ MORE...