zkLend loses $9.5M in crypto heist, asks hacker to return 90%
Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 ...
Surge in attacks exploiting old ThinkPHP and ownCloud flaws
Increased hacker activity has been observed in attempts to compromise poorly maintained devices that are vulnerable to older ...
Chinese espionage tools deployed in RA World ransomware attack
A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to ...
DPRK hackers dupe targets into typing PowerShell commands as admin
North Korean state actor 'Kimsuky' (aka 'Emerald Sleet' or 'Velvet Chollima') has been observed using a new tactic inspired ...
Sarcoma ransomware claims breach at giant PCB maker Unimicron
A relatively new ransomware operation named 'Sarcoma' has claimed responsibility for an attack against the Unimicron printed ...
BadPilot network hacking campaign fuels Russian SandWorm attacks
A subgroup of the Russian state-sponsored hacking group APT44, also known as 'Seashell Blizzard' and 'Sandworm', has been ...
Ivanti fixes three critical flaws in Connect Secure & Policy Secure
Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical ...
Google fixes flaw that could unmask YouTube users' email addresses
Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, ...
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws
Today is Microsoft' 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities ...
Microsoft raises rewards for Copilot AI bug bounty program
Microsoft announced over the weekend that it has expanded its Microsoft Copilot (AI) bug bounty program and increased payouts ...
Hacker pleads guilty to SIM swap attack on US SEC X account
Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January ...
SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that ...