Joomla data breach leaks 2,700 user records via exposed backups
A Joomla database leak has exposed the personal information, including hashed passwords, of 2,700 individuals registered on the Joomla Resources Directory (JRD). The Joomla...
How GitHub untangled itself from the 'Octopus' malware that infected 26 software projects
For GitHub, not all reports about malicious software on its platform are of equal importance. The company behind the popular software repository, where...
Russian hackers are exploiting bug that gives control of US servers
A Russian hacking group tied to power-grid attacks in Ukraine, the world's most destructive data wiper worm, and other nefarious Kremlin operations is exploiting a vulnerability...
Google finds Indian hack-for-hire firms exploiting coronavirus fears via spearphishing schemes
Hack-for-hire firms in India have been impersonating the World Health Organization in credential-stealing spearphishing email campaigns, Google's...
New Android vulnerability Strandhogg 2.0 exploits user trust
A Norwegian infosec firm discovered a new Android vulnerability, which they've dubbed Strandhogg 2.0. Security firm Promon says "Strandhogg" is an old Norse strategy for coastline...
Insidious Android malware gives up all malicious features but one to gain stealth
ESET researchers have analyzed an extremely dangerous Android app that can perform a host of nefarious actions, notably wiping out the victim's bank account or...
FBI offers US companies more details from investigations of health care hacking
The FBI has provided U.S. companies more information on the extent of recent criminal and foreign government-backed hacking operations against the health care sector...
Alleged Hacker Behind Massive 'Collection 1' Data Dump Arrested
A hacker accused of selling hundreds of millions of stolen credentials from last year's "Collection 1" data dump on the dark web has been arrested in the Ukraine. The Security...
Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices
Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to...
Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials
A new phishing campaign can bypass multi-factor authentication (MFA) on Office 365 to access victims' data stored on the cloud and use it to extort a Bitcoin ransom or...
