New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to bl...
Aggregating 7876 articles from trusted cybersecurity sources
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to bl...
Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders. The po...
Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI.
In addition to fines, Texas is asking a judge to prevent Netflix from illegally collecting and sharing user data and to mandate that the company no longer us...
Apple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5.
SailPoint says GitHub repo breach exposed no customer data or production systems.
Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. "If you are using Checkmarx Jenkins AST p...
SailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected.
If you’re looking to strengthen your organization’s security posture on Amazon Web Services (AWS) but aren’t sure where to start, then we’re here to help. Se...
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager...
Team8, Index Ventures, Picture Capital, Elad Gil, Cerca Partners, and Tesonet invested in Frame Security. The post Frame Security Emerges From Stealth With $...
The router deadline, originally slated for March 1, 2027, has been pushed back to at least January 1, 2029, according to the announcement from the FCC’s Offi...
The ransomware group D1R claimed to have accessed a database of 40,000 entries from Synopsys and subsequently used this information to target Bosch, alleging...
The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid. The post Synopsys Find...
The defendant's lawyer told Finnish media that he does not know where his client is but believes Kivimäki is outside Finland.
Effective data protection determines whether stolen information is actually usable and how much business and regulatory damage an organization suffers after ...
Supermarket giant Lidl has revealed details of a supplier breach impacting customer data
In this Help Net Security video, Chris Boehm, Field CTO, Zero Networks, breaks down how a vendor breach can become your breach. He explains that attackers no...
The "Breach at the Beach" CTF, created by Varonis researchers Doron Kapah and Mark Vaitsman, simulates attacks within Entra ID, focusing on how threat actors...
The compromised data includes customer salutations, first and last names, phone numbers, email addresses, dates of birth, and customer numbers.
The breach was discovered after mass emails were sent from legitimate AFA domains, claiming Argentina "stole" the win from Egypt.
Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed.
Following the breach of several of her Telegram channels, controversial Russian journalist Ksenia Sobchak claimed published screenshots of her correspondence...
German discount supermarket chain Lidl has notified customers in Germany, Belgium, and the Netherlands that customer data was stolen after attackers breached...