Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

founded 2 years ago
101
 
 

#ExpressVPN bug leaked user IPs in Remote Desktop sessions

https://www.bleepingcomputer.com/news/security/expressvpn-bug-leaked-user-ips-in-remote-desktop-sessions/

#cybersecurity #privacy

102
 
 

#Veeam #RecoveryOrchestrator users locked out after #MFA rollout

https://www.bleepingcomputer.com/news/technology/veeam-recovery-orchestrator-users-locked-out-after-mfa-rollout/

#cybersecurity

103
 
 

Indian #crypto exchange #CoinDCX confirms $44M stolen during hack

https://techcrunch.com/2025/07/21/indian-crypto-exchange-coindcx-confirms-44-million-stolen-during-hack/

#India #cybersecurity #cybercrime

104
 
 

Seriously? WTF?

“Cognizant was not duped by any elaborate ploy or sophisticated hacking techniques,” according to a copy of the lawsuit reviewed by Reuters. “The cybercriminal just called the Cognizant Service Desk, asked for credentials to access Clorox’s network, and Cognizant handed the credentials right over.”

https://www.nbcnews.com/business/business-news/lawsuit-says-clorox-hackers-got-passwords-simply-asking-rcna220313

#CyberSecurity #Ransomware #Hacking #SocialEngineering

105
 
 

#Dell confirms breach of test lab platform by #WorldLeaks extortion group

https://www.bleepingcomputer.com/news/security/dell-confirms-breach-of-test-lab-platform-by-world-leaks-extortion-group/

#cybersecurity #DataBreach

106
 
 

#Microsoft releases emergency patches for #SharePoint RCE flaws exploited in attacks

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/

#cybersecurity

107
 
 

"When your laptop is infected with infostealing malware, it’s not just hackers that might get your passwords, billing and email addresses, and a list of sites or services you’ve created accounts on, potentially including some embarrassing ones. A private intelligence company run by a young founder is now taking that hacked data from what it says are more than 50 million computers, and reselling it for profit to a wide range of different industries, including debt collectors; couples in divorce proceedings; and even companies looking to poach their rivals’ customers. Essentially, the company is presenting itself as a legitimate, legal business, but is selling the same sort of data that was previously typically sold by anonymous criminals on shady forums or underground channels.

Multiple experts 404 Media spoke to called the practice deeply unethical, and in some cases the use of that data probably illegal. The company is also selling access to a subset of the data to anyone for as little as $50, and 404 Media used it to uncover unsuspecting victims’ addresses.

The activities of the company, called Farnsworth Intelligence, show a dramatic shift in the bevy of companies that collect and sell access to so-called open source intelligence, or OSINT. Historically, OSINT has included things like public social media profiles or flight data. Now, companies increasingly see data extracted from people’s personal or corporate machines and then posted online as fair game not just to use in their own investigations, but to repackage and sell too."

https://www.404media.co/a-startup-is-selling-data-hacked-from-peoples-computers-to-debt-collectors/

#CyberSecurity #DataProtection #Malware #OSINT #Hacking

108
 
 

#HPE warns of hardcoded passwords in #Aruba access points

https://www.bleepingcomputer.com/news/security/hpe-warns-of-hardcoded-passwords-in-aruba-access-points/

#cybersecurity

109
 
 

At Least 750 US Hospitals Faced Disruptions During Last Year’s #CrowdStrike Outage, Study Finds

https://www.wired.com/story/at-least-750-us-hospitals-faced-disruptions-during-last-years-crowdstrike-outage-study-finds/

#hospital #healthcare #cybersecurity

110
 
 

Popular #npm #linter packages hijacked via #phishing to drop #malware

https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/

#cybersecurity #JavaScript

111
 
 

New #CrushFTP zero-day exploited in attacks to hijack servers

https://www.bleepingcomputer.com/news/security/new-crushftp-zero-day-exploited-in-attacks-to-hijack-servers/

#cybersecurity

112
 
 

#Arch #Linux pulls #AUR packages that installed #Chaos RAT #malware

https://www.bleepingcomputer.com/news/security/arch-linux-pulls-aur-packages-that-installed-chaos-rat-malware/

#FOSS #cybersecurity

113
 
 

Phishers have found a way to downgrade—not bypass—#FIDO #MFA

https://arstechnica.com/security/2025/07/no-phishers-are-not-bypassing-fido-mfa-at-least-not-yet-heres-why/

#phishing #cybersecurity

114
 
 

Russian #alcohol retailer #WineLab closes stores after #ransomware attack

https://www.bleepingcomputer.com/news/security/russian-alcohol-retailer-winelab-closes-stores-after-ransomware-attack/

#cybersecurity #Russia

115
 
 

New #Phobos and #8base #ransomware #decryptor recovers files for free

https://www.bleepingcomputer.com/news/security/new-phobos-ransomware-decryptor-lets-victims-recover-files-for-free/

#cybercrime #cybersecurity

116
 
 

#iVerify Uncovers Evidence of Zero-Click Mobile Exploitation in the U.S.

https://iverify.io/blog/iverify-uncovers-evidence-of-zero-click-mobile-exploitation-in-the-us

#cybersecurity #malware

117
 
 

India’s largest crypto exchange CoinDCX has confirmed that one of its operational accounts was compromised in a recent security breach. @Techcrunch has more, including the millions hackers reportedly made off with.

https://flip.it/96pL.l

#Tech #Crypto #CyberSecurity #Hacked #CoinDCX

118
 
 

Microsoft SharePoint server vulnerability puts an estimated 10,000 organizations at risk.

@Engadget reports: "The software giant released an emergency patch but the flaw is being actively exploited."

https://flip.it/h6w1pi

#Microsoft #Cybersecurity #SharePoint #Tech #Hacking

119
 
 

"Not so long ago, you would be right to question why a seemingly innocuous-looking free “flashlight” or “calculator” app in the app store would try to request access to your contacts, photos, and even your real-time location data. These apps may not need that data to function, but they will request it if they think they can make a buck or two by monetizing your data.

These days, AI isn’t all that different.

Take Perplexity’s latest AI-powered web browser, Comet, as an example. Comet lets users find answers with its built-in AI search engine and automate routine tasks, like summarizing emails and calendar events.

In a recent hands-on with the browser, TechCrunch found that when Perplexity requests access to a user’s Google Calendar, the browser asks for a broad swath of permissions to the user’s Google Account, including the ability to manage drafts and send emails, download your contacts, view and edit events on all of your calendars, and even the ability to take a copy of your company’s entire employee directory.

Perplexity says much of this data is stored locally on your device, but you’re still granting the company rights to access and use your personal information, including to improve its AI models for everyone else.

Perplexity isn’t alone in asking for access to your data. There is a trend of AI apps that promise to save you time by transcribing your calls or work meetings, for example, but which require an AI assistant to access your real-time private conversations, your calendars, contacts, and more. Meta, too, has been testing the limits of what its AI apps can ask for access to, including tapping into the photos stored in a user’s camera roll that haven’t been uploaded yet."

https://techcrunch.com/2025/07/19/for-privacy-and-security-think-twice-before-granting-ai-access-to-your-personal-data

#CyberSecurity #AI #GenerativeAI #Chatbots #DataProtection #Perplexity

120
 
 

"Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens.

The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories.

The list of affected packages and their rogue versions, according to Socket, is listed below -

  • eslint-config-prettier (versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7)
  • eslint-plugin-prettier (versions 4.2.2 and 4.2.3)
  • synckit (version 0.11.9)
  • @pkgr/core (version 0.2.8)
  • napi-postinstall (version 0.3.1)

"The injected code attempted to execute a DLL on Windows machines, potentially allowing remote code execution," the software supply chain security firm said."

https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html

#CyberSecurity #NPM #JavaScript #Node #GitHub #Windows #Malware

121
 
 

#CitrixBleed2 exploited weeks before PoCs as #Citrix denied attacks

https://www.bleepingcomputer.com/news/security/citrix-bleed-2-exploited-weeks-before-pocs-as-citrix-denied-attacks/

#cybersecurity

122
 
 

#GitHub abused to distribute payloads on behalf of #malware-as-a-service

https://arstechnica.com/security/2025/07/malware-as-a-service-caught-using-github-to-distribute-its-payloads/

#cybersecurity #Emmenhtal #PeakLight #MaaS

123
 
 

#VMware fixes four #ESXi zero-day bugs exploited at #Pwn2Own Berlin

https://www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/

#cybersecurity

124
 
 

#Microsoft #Teams voice calls abused to push #Matanbuchus #malware

https://www.bleepingcomputer.com/news/security/microsoft-teams-voice-calls-abused-to-push-matanbuchus-malware/

#cybersecurity

125
 
 

#Google sues to disrupt #BadBox 2.0 #botnet infecting 10 million devices

https://www.bleepingcomputer.com/news/security/google-sues-to-disrupt-badbox-20-botnet-infecting-10-million-devices/

#cybersecurity #malware
