‘RomCom’ APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a…
Microsoft Finally Releases Recall as Part of Windows Insider Preview
The original version of Recall lacked basic encryption and other data protection measures. The preview version now includes multiple security-focused…
OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts
Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in…
Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets
The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations…
INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled
An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089…
Cross-Site Scripting Is 2024’s Most Dangerous Software Weakness
MITRE and CISA’s 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to…
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install…
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of…