Department of Government Efficiency members stored a copy of a massive Social Security Administration database in a "vulnerable" custom cloud environment, putting more than 300 million people's personal information at risk, the agency's chief data officer said in a new whistleblower complaint. The complaint, filed with Congress on Tuesday, revealed new concerns from CDO Charles Borges about "serious data security lapses" allegedly involving DOGE officials working at the SSA.
Hackers stole user credentials from Salesforce customers in a widespread campaign earlier this month, according to researchers at Google Threat Intelligence Group, who warned that the thefts could lead to follow-up attacks. A threat actor that Google tracks as UNC6395 targeted Salesforce instances using compromised OAuth tokens that were associated with the customer engagement vendor Salesloft's Drift AI chat agent.
Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and forcing all state offices to close on Monday. The impact of the attack was first felt on Sunday morning, with the Governor's Technology Office stating that a 'network issue' began around 1:52 AM PT, affecting the state's IT systems. The Governor's Technology Office warned that online services could be slow or unavailable as teams worked to restore service.
Cybercriminals are targeting critical US manufacturers and supply-chain companies, looking to steal sensitive IP and other data while deploying ransomware. Their attack involves a novel twist on phishing - and a photo of White House butlers. Instead of emailing a malicious link in an unsolicited email, the miscreants initiate contact through the organization's public Contact Us form, tricking the victim into starting the conversation and allowing the attackers to bypass email filters.
A 26-year-old hacker, who breached websites in North America, Yemen, and Israel, and stole the details of millions of people, has been sent to prison. Al-Tahery Al-Mashriky was arrested in August 2022 by members of the National Crime Agency in Rotherham, South Yorkshire, after he was linked to the Yemen Cyber Army hacking group through social media and email accounts. In addition, according to a press release issued by the NCA, the hacker had targeted websites in the United States and Canada.
Citrix and cybersecurity researchers warn a critical, zero-day vulnerability affecting multiple versions of Citrix NetScaler products is under active exploitation. Citrix issued a security bulletin about the vulnerability - CVE-2025-7775 - and urged customers on affected versions to install upgrades Tuesday. The memory-overflow vulnerability, which has an initial CVSS rating of 9.2, can be exploited to achieve remote-code execution or denial of service.
TheTruthSpy is at it again. A security researcher has discovered a flaw in the Android-based stalkerware that allows anyone to compromise any record in the system. TheTruthSpy stalkerware is designed to be installed surreptitiously on a victim's Android phone. It then monitors that phone's activities and sends the information it gathers back to a central server. On Monday, TechCrunch revealed, not for the first time, that the servers are vulnerable to attack.
It was probably inevitable - analysts have spotted the first known ransomware strain powered by artificial intelligence. ESET malware researchers Anton Cherepanov and Peter Strycek discovered the emerging strain, which they have named "PromptLock." Although it has not yet been observed in active cyberattacks, the researchers said the PromptLock ransomware appears to be under development and nearly ready to be unleashed onto the threat landscape.
The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they'd made with a company called DSLRoot, which was paying $250 a month to plug a pair of laptops into the Redditor's high-speed Internet connection in the United States. This post examines the history and provenance of DSLRoot, one of the oldest "residential proxy" networks.
Both domestic and foreign technology companies collect vast amounts of Americans' personal data through mobile applications, according to Incogni. Some apps leverage data for marketing and advertising purposes, feeding algorithms to calculate optimal prices based on consumer behavior, often leading to unwanted spending. Other apps share user data with unnamed third parties, increasing the risk of breaches with every additional recipient.