Advertisement
China's Dual-Method Cyberattack Targets Czech, Taiwan Orgs with Azureveil
Nation-state actors linked to China employ dual-method spear-phishing with Azureveil malware to target Czech and Taiwan organizations for data theft. Understand the TTPs
Radiology Associates of Richmond Breach Affects 266,000 Patients
A data breach at Radiology Associates of Richmond has exposed the sensitive health and personal information of over 266,000 individuals.
MacSync Stealer Distributed via Malicious Homebrew Ad Campaign
Malicious ads for Homebrew distribute MacSync Stealer, targeting macOS users. Threat actors leverage trusted software to deploy data-stealing malware.
OpenEMR Flaws: Database Compromise, RCE, and Patient Data Theft Risks
Analysis of 38 security flaws in OpenEMR, an EHR platform used by over 100,000 healthcare providers, enabling database compromise, RCE, and data theft.
Compromised Checkmarx KICS: Supply Chain Attack on Developer Environments
A supply chain attack compromised Checkmarx KICS Docker images and extensions, exposing developer environments to sensitive data theft. Learn mitigation.
Sapphire Sleet's ClickFix: North Korea Targets macOS Users
North Korea-backed Sapphire Sleet is deploying ClickFix malware via fake job offers and phony Zoom updates to steal macOS user credentials and data. Learn how to detect
UAC-0247 Targets Ukrainian Healthcare via Data-Theft Malware
UAC-0247 is targeting Ukrainian clinics and government entities using malware designed to steal data from WhatsApp and Chromium-based browsers.
Mercor Hit by LiteLLM Supply Chain Attack – Lapsus$ Claims 4TB Data Theft
AI recruiting firm Mercor is investigating a LiteLLM supply chain attack, with Lapsus$ claiming to have stolen 4TB of sensitive data.
ShinyHunters Breach: European Commission Cloud Data Theft
ShinyHunters claimed responsibility for a cyber intrusion and 350GB data theft from European Commission cloud systems. Understand the TTPs and mitigation.
Apple Warns of Coruna and DarkSword Exploit Kits Targeting iOS
Apple warns of Coruna and DarkSword exploit kits targeting older iOS versions via malicious web content to steal sensitive data. Update your devices now.
SnappyClient C2 Implant Targets Crypto Wallets for Data Theft
A new C2 implant, SnappyClient, is actively targeting crypto wallets, facilitating remote access, extensive data theft, and persistent spying on victims.
Claudy Day: Prompt Injection and XSS Flaws Target Claude AI Users
Researchers uncover 'Claudy Day', a trio of vulnerabilities in Anthropic's Claude AI that allow data theft through malicious Google search results.