Skoda Data Breach Hits Online Shop Customers
Using a vulnerability in the portal, hackers accessed names, addresses, email addresses, and phone numbers.
The post Skoda Data Breach Hits Online Shop Customers appeared first on SecurityWeek.
Using a vulnerability in the portal, hackers accessed names, addresses, email addresses, and phone numbers.
The post Skoda Data Breach Hits Online Shop Customers appeared first on SecurityWeek.
The incident occurred on April 20 and did not affect customer data in the companyβs production and staging environments.
The post SailPoint Discloses GitHub Repository Hack appeared first on SecurityWeek.
A malicious version of the plugin was published to the Jenkins Marketplace late last week.
The post Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack appeared first on SecurityWeek.
The second iteration of the German-speaking online crime marketplace had over 22,000 users and more than 100 sellers.
The post Resurrected βCrimenetworkβ Marketplace Taken Down, Administrator Arrested appeared first on SecurityWeek.
Victims span across the aviation, critical infrastructure, energy, logistics, public administration, and technology sectors.
The post Over 500 Organizations Hit in Years-Long Phishing Campaign appeared first on SecurityWeek.
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors.
The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek.
It targeted high-precision calculation software to tamper with results and packed a self-propagation mechanism.
The post Pre-Stuxnet Sabotage Malware βFast16β Linked to US-Iran Cyber Tensions appeared first on SecurityWeek.
The malware provides remote access and control of infected devices and maintains post-patching persistence.
The post US Federal Agencyβs Cisco Firewall Infected With βFirestarterβ Backdoor appeared first on SecurityWeek.
Tied to a fresh Checkmarx supply chain attack claimed by TeamPCP, the incident references the Shai-Hulud worm.
The post Bitwarden NPM Package Hit in Supply Chain Attack appeared first on SecurityWeek.
The company will use the investment to accelerate product development and grow go-to-market efforts.
The post Cloudsmith Raises $72 Million in Series C Funding appeared first on SecurityWeek.
The company will hire new talent and expand operations across the US and other allied countries.
The post Rilian Raises $17.5 Million for AI-Native Security Orchestration appeared first on SecurityWeek.
The company is notifying My Rituals members that hackers downloaded part of their data, including names and addresses.
The post Luxury Cosmetics Giant Rituals Discloses Data Breach appeared first on SecurityWeek.
Apple rolled out the security patches for dozens of iPhone and iPad models and generations.
The post Apple Patches iOS Flaw Allowing Recovery of Deleted Chats appeared first on SecurityWeek.
The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges.
The post Recent Microsoft Defender Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
The attackers used a DKIM-signed phishing email, trusted redirect infrastructure, compromised servers, and Cloudflare-protected phishing pages.
The post Security Firm Executive Targeted in Sophisticated Phishing Attack appeared first on SecurityWeek.
The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.
The post China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation appeared first on SecurityWeek.
Storm-2561 is distributing fake VPN clients through SEO poisoning, deploying trojans, and stealing login information.
The post Threat Actor Targeting VPN Users in New Credential Theft Campaign appeared first on SecurityWeek.
Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign.
The post ForceMemo: Python Repositories Compromised in GlassWorm Aftermath appeared first on SecurityWeek.
The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls.
The post Critical HPE AOS-CX Vulnerability Allows Admin Password Resets appeared first on SecurityWeek.
Hackers stole personal information such as names, Social Security numbers, and driverβs license numbers.
The post 238,000 Impacted by Bell Ambulance Data Breach appeared first on SecurityWeek.