7-Eleven confirms data breach claimed by the ShinyHunters gang
…We also wanted to apologize for any inconvenience this may cause you." However, while 7-Eleven didn't share further information on the incident or the number of people affected by the…
Search
Popular node-ipc npm package compromised to steal credentials
…The recent supply-chain attack was detected by multiple application security companies, including Socket , Ox Security , and Upwind , who confirmed the following three versions as malicious: node-ipc@9.1.6 node…
Microsoft says some users can't install Office on Windows 365 devices
…However, the company has also tagged this ongoing incident as an advisory, a flag commonly used to describe service issues typically involving limited scope or impact. Until the issue is resolved, those…
Google accidentally exposed details of unfixed Chromium flaw
…The flaw was reported by security researcher Lyra Rebane and acknowledged as valid in December 2022, as per the thread on Chromium Issue Tracker. An attacker could exploit the problem to create…
Leaked Shai-Hulud malware fuels new npm infostealer campaign
…Researchers at OXsecurity, a company that secures applications from code to runtime, discovered the malicious uploads over the weekend and noticed that the threat actor used misspelled names (typosquatting) targeting Axios users…
New TCLBanker malware self-spreads over WhatsApp and Outlook
…The new banking trojan was discovered by Elastic Security Labs , whose researchers believe it’s a major evolution of the older Maverick/Sorvepotel malware family. While TCLBanker currently appears focused in Brazil…
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
…Why security alone won't stop modern attacks FBI links cybercriminals to sharp surge in cargo theft attacks Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery Cybersecurity…
Russian hackers turn Kazuar backdoor into modular P2P botnet
…Microsoft underlines Kazuar's versatility, which now supports 150 configuration options allowing operators to enable/disable specific security bypasses, perform task scheduling, time the data theft and size of exfiltration chunks, perform…
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
…the research team, provided support to actions by the Russian Federation that undermine democracy and security, including through information manipulation and disruption of public and economic systems,” FIOD says . The EU added…
New PCPJack worm steals credentials, cleans TeamPCP infections
…TeamPCP is a cloud-focused threat group known for high-profile supply-chain breaches against Aqua Security’s Trivy scanner, the LiteLMM and Telnyx PyPI packages, and more recently, SAP npm packages…