UK Software Firm Exposed 1.1TB of Healthcare Worker Records
8M UK healthcare worker records, including IDs and financial data, exposed due to a…
Latest News
UK Software Firm Exposed 1.1TB of Healthcare Worker Records
8M UK healthcare worker records, including IDs and financial data, exposed due to a misconfigured staff management database from UK-based…
New “Slopsquatting” Threat Emerges from AI-Generated Code Hallucinations
AI code tools often hallucinate fake packages, creating a new threat called slopsquatting that attackers can exploit in public code…
Incomplete Patch Leaves NVIDIA and Docker Users at Risk
NVIDIA's incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized…
Pre-Installed Malware on Cheap Android Phones Steals Crypto via Fake WhatsApp
Cheap Android phones with preinstalled malware use fake apps like WhatsApp to hijack crypto transactions and steal wallet recovery phrases.
Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access
Hackers exploit Fortinet flaws to plant stealth backdoors on FortiGate devices, maintaining access even after patches. Update to secure…
Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M
Data breach at Laboratory Services Cooperative (LSC) exposed the sensitive health and personal information of 1.6 million individuals linked…
Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing
Russian APT group Storm-2372 employs device code phishing to bypass Multi-Factor Authentication (MFA). Targets include government, technology,…
SaaS Security Essentials: Reducing Risks in Cloud Applications
As organizations increasingly rely on SaaS applications to run their operations, securing them has become a necessity. Without strong…
BentoML Vulnerability Allows Remote Code Execution on AI Servers
TL;DR: A critical deserialization vulnerability (CVSS 9.8 – CVE-2025-27520) in BentoML (v1.3.8–1.4.2) lets attackers execute remote code…
npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers
ReversingLabs reveals a malicious npm package targeting Atomic and Exodus wallets, silently hijacking crypto transfers via software patching.
Google Eyes User Browsing Data Search in New Patent Filing
Tech giant Google may soon help users find content they've previously seen, not by searching the web but by scanning their own digital history.
Smokeloader Users Identified and Arrested in Operation Endgame
Authorities arrest 5 Smokeloader botnet customers after Operation Endgame; evidence from seized data links customers to malware, ransomware, and more.