Collaborate Disseminate
ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data. Continue reading 14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data
Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can… Continue reading New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware
Cybercriminal group ShinyHunters targets former Pornhub Premium users in a massive 94GB data extortion campaign. Learn about the stolen data details, the involvement of a smishing attack, and the conflicting reports on the breach. Continue reading Hackers Claim Stealing 94GB of Pornhub Premium User Watch Histories
SoundCloud confirms a breach affecting an estimated 20% of users, resulting in stolen email addresses. The company is dealing with follow-up DoS attacks by unnamed attackers while media reports allege involvement of ShinyHunters. Continue reading SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users
A critical vulnerability (CVE-2025-34352) found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0 or later immediately to patch the high-severity flaw. Continue reading JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices
US auto loan service 700Credit confirms a data breach exposed names, addresses, and Social Security numbers of dealership customers. Free credit monitoring is offered. Continue reading 700Credit Data Breach Exposed Details of 5.6 Million Consumers
Cybersecurity researchers discovered an unsecured 16TB database exposing 4.3 billion professional records, including names, emails, and LinkedIn data. Learn what happened, why this massive data leak enables new scams, and how to protect your PII. Continue reading 16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records
New report by Unit 42 reveals the Hamas-linked Ashen Lepus (WIRTE) group is using the AshTag malware suite to target Middle Eastern diplomatic and government entities with advanced, hidden tactics. Continue reading Hamas Linked Hackers Using AshTag Malware Against Diplomatic Offices
South Korean e-commerce giant Coupang faces intense scrutiny after CEO Park Dae-jun resigns over a data breach that exposed 33.7 million customer accounts. Read about the police raids, US lawsuit, and regulatory orders from PIPC. Continue reading Coupang CEO Steps Down After Data Breach Hits 33.7 Million Users
UK’s ICO fines LastPass £1.2M for the 2022 data breach that exposed 1.6 million users’ data. Learn how a flaw in an employee’s personal PC led to the massive security failure. Continue reading UK’s ICO Fine LastPass £1.2 Million Over 2022 Security Breach