Collaborate Disseminate
Nimbus Manticore has continued its operations during and after the US military campaign against Iran.
The post Iranian APT Targets Aviation, Software Companies With Updated Tools appeared first on SecurityWeek.
Continue reading Iranian APT Targets Aviation, Software Companies With Updated Tools
The allegedly stolen information leaked by ShinyHunters contains email addresses, names, addresses, and dates of birth.
The post 185,000 Likely Impacted by 7-Eleven Data Breach appeared first on SecurityWeek.
Continue reading 185,000 Likely Impacted by 7-Eleven Data Breach
Hardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution.
The post Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment appeared first on SecurityWeek.
Continue reading Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment
The two own Dutch companies that allegedly provided bulletproof hosting services to Russia-aligned threat actors.
The post Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands appeared first on SecurityWeek.
Continue reading Admins of Bulletproof Hosting Service Used by Russian Hackers Arrested in Netherlands
Threat actors stole files containing names and protected health information from the healthcare organization’s systems.
The post 266,000 Affected by Data Breach at Radiology Associates of Richmond appeared first on SecurityWeek.
Continue reading 266,000 Affected by Data Breach at Radiology Associates of Richmond
Published within a 15-minute window, the malicious tags introduced backdoors to exfiltrate CI secrets.
The post Laravel-Lang Packages Poisoned for Malware Delivery appeared first on SecurityWeek.
Continue reading Laravel-Lang Packages Poisoned for Malware Delivery
Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories.
The post DocketWise Data Breach Impacts 143,000 appeared first on SecurityWeek.
Continue reading DocketWise Data Breach Impacts 143,000
Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens.
The post Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack appeared first on SecurityW… Continue reading Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic.
The post ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains appeare… Continue reading ‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
Hackers accessed Grafana’s GitHub repositories after a token compromised in the TanStack attack was not rotated.
The post Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack appeared first on SecurityWeek.
Continue reading Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack