CISA Urges Action on Potential Oracle Cloud Credential Compromise
Following reports of unauthorized access to a legacy Oracle cloud environment, CISA warns of potential credential compromise leading…
Mass Ransomware Campaign Hits S3 Buckets Using Stolen AWS Keys
Researchers reveal a large-scale ransomware campaign leveraging over 1,200 stolen AWS access keys to encrypt S3 buckets. Learn…
Hertz Confirms Data Breach After Hackers Stole Customer PII
Hertz confirms data breach linked to Cleo software flaw; Cl0p ransomware group leaked stolen data, exposing names, driver’s…
Operation BULUT: Encrypted Chats from Sky ECC, ANOM Lead to 232 Arrests
Intelligence from encrypted platforms like Sky ECC and ANOM has led to the arrest of 232 individuals and…
Fake PDFCandy File Converter Websites Spread Malware
CloudSEK uncovers a sophisticated malware campaign where attackers impersonate PDFCandy.com to distribute the ArechClient2 information stealer. Learn how…
UK Software Firm Exposed 1.1TB of Healthcare Worker Records
8M UK healthcare worker records, including IDs and financial data, exposed due to a misconfigured staff management database…
New “Slopsquatting” Threat Emerges from AI-Generated Code Hallucinations
AI code tools often hallucinate fake packages, creating a new threat called slopsquatting that attackers can exploit in…
Incomplete Patch Leaves NVIDIA and Docker Users at Risk
NVIDIA's incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized environments. This article explains the risks and mitigation strategies.
Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M
Data breach at Laboratory Services Cooperative (LSC) exposed the sensitive health and personal information of 1.6 million individuals…
Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing
Russian APT group Storm-2372 employs device code phishing to bypass Multi-Factor Authentication (MFA). Targets include government, technology, finance,…