Collaborate Disseminate
The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk.
The post Vercel attack fallout expands to more customers and third-party systems appeared first on CyberScoop.
Continue reading Vercel attack fallout expands to more customers and third-party systems
Angelo Martino helped accomplices extort a combined $75.3 million in ransom payments from five victim companies.
The post Former DigitalMint ransomware negotiator pleads guilty to extortion scheme appeared first on CyberScoop.
Continue reading Former DigitalMint ransomware negotiator pleads guilty to extortion scheme
Tyler Robert Buchanan “was the glue that held this gang together,” a cybercrime researcher said. He faces up to 22 years in federal prison.
The post Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety appeared first on CyberScoop.
The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.
The post Vercel’s security breach started with malware disguised as Roblox cheats appeared first on CyberScoop.
Continue reading Vercel’s security breach started with malware disguised as Roblox cheats
GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.
The post Network ‘background noise’ may predict the next big edge-device vulnerability appeared first on CyberScoop.
Continue reading Network ‘background noise’ may predict the next big edge-device vulnerability
Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies.
The post US nationals sentenced for aiding North Korea’s tech worker scheme appeared first on CyberScoop.
Continue reading US nationals sentenced for aiding North Korea’s tech worker scheme
Operation PowerOFF’s latest globally coordinated action identified more than 75,000 alleged cybercriminals. Officials warned each of them to stop jamming up traffic.
The post Officials seize 53 DDoS-for-hire domains in ongoing crackdown appeared first on CyberScoop.
Continue reading Officials seize 53 DDoS-for-hire domains in ongoing crackdown
The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.
The post NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities appeared first on CyberScoop.
Continue reading NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities
The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information.
The post Microsoft drops its second-largest monthly batch of defects on record appeared first on CyberScoop.
Continue reading Microsoft drops its second-largest monthly batch of defects on record
The social engineering campaign spiked last month and has targeted dozens of organizations since May 2025, according to ReliaQuest.
The post Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign appeared first on CyberScoop.