The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals. Read More
Although not yet exploited in the wild, the max-critical authentication bypass bug could allow adversaries to take over unpatched Juniper Session Smart Routers and Conductors, and WAN Assurance Routers, the…
[[{"value":"The British company behind the popular Burp Suite pen-test utilities has banked a massive $112 million investment from Brighton Park Capital. The post PortSwigger Scores Hefty $112 Million Investment appeared…
A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks.
The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and
[[{"value":"HubSpot is "actively investigating and blocking attempts” to hack into customer accounts but some targets have already been compromised. The post HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts appeared…
[[{"value":"Chris Evans, CISO and chief hacking officer at HackerOne, challenges the common perception of both hackers and their motivation. The post Hacker Conversations: Chris Evans, Hacker and CISO appeared first…
Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade. Read More
[[{"value":"Life insurance company Landmark Admin says personal, medical, and insurance information was compromised in a May data breach. The post Landmark Admin Discloses Data Breach Impacting Personal, Medical Information appeared…
[[{"value":"Google has announced a new KVM bug bounty program named kvmCTF with rewards of up to $250,000 for a full VM escape. The post Google Offering $250,000 for Full VM…
The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest.
"These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex
[[{"value":"This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Story in The Independent Sausalito, Calif. – Jul. 291, 2024 Unless you live off-grid and offline,…