Microsoft and the Justice Department have seized over 240 domains used by customers of ONNX, a phishing-as-a-service (PhaaS) platform, to target companies and individuals across the United States and worldwide since at least 2017.
The U.S. has seized the cybercrime website 'PopeyeTools' and unsealed charges against three of its administrators, Abdul Ghaffar, Abdul Sami, and Javed Mirza, for selling stolen data.
A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins.
As users are flocking to BlueSky from social media platforms like X/Twitter, so are threat actors. BleepingComputer has spotted cryptocurrency scams popping up on BlueSky just as the decentralized microblogging service surpassed 20 million users this ...
A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system.
MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000 vulnerabilities disclosed between June 2023 and June 2024.
The U.S. Justice Department has charged five suspects believed to be part of the financially motivated Scattered Spider cybercrime gang with conspiracy to commit wire fraud.
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04.
Cybercriminals have devised a novel method to cash out from stolen credit card details linked to mobile payment systems such as Apple Pay and Google Pay, dubbed 'Ghost Tap,' which relays NFC card data to money mules worldwide.