The Breach News

Stolen D-Link Certificate Exploited to Digitally Sign Surveillance Malware

Digitally signed malware has gained traction recently, utilizing legitimate digital certificates to mask malicious activities. Recent investigations have uncovered a malware campaign employing stolen valid digital certificates from Taiwanese technology firms, including D-Link, to authenticate their harmful applications and thereby appear trustworthy to unwitting users. Digital certificates, issued by recognized…

Read MoreStolen D-Link Certificate Exploited to Digitally Sign Surveillance Malware

Drowning in AI Noise, cURL Halts Bug Bounties to Safeguard “Mental Well-being”

cURL Project Ends Vulnerability Reward Program Amid AI Report Surge The developers behind cURL, a widely-used networking tool, are discontinuing their vulnerability reward program due to a significant influx of low-quality submissions, many of which have been identified as AI-generated. Daniel Stenberg, the founder and lead developer of the open-source…

Read MoreDrowning in AI Noise, cURL Halts Bug Bounties to Safeguard “Mental Well-being”

Coupang Investors Call for US Intervention, Potentially Straining Trade Relations with Seoul

Coupang CEO Apologizes for Data Breach, Again Fails to Attend Parliamentary Hearing Bom Kim, the founder and CEO of Coupang, Inc., publicly apologized on Sunday regarding a significant data breach that has impacted nearly the entirety of the company’s customer base. This incident has prompted a comprehensive tax investigation by…

Read MoreCoupang Investors Call for US Intervention, Potentially Straining Trade Relations with Seoul

Apache OpenMeetings Web Conferencing Tool Subject to Serious Vulnerabilities

Apache OpenMeetings Faces Critical Security Vulnerabilities Recent security findings have exposed multiple vulnerabilities in Apache OpenMeetings, a widely used web conferencing solution. These weaknesses could be exploited by malicious actors to potentially take control of administrative accounts and execute harmful code on compromised servers. The implications of these vulnerabilities could…

Read MoreApache OpenMeetings Web Conferencing Tool Subject to Serious Vulnerabilities

Gaza Cyber Group Strikes Again with New Attacks on Palestinian Authority

New Cyber Threat Targets Palestinian Authority With Advanced Malware Attack In a recent development in the realm of cybersecurity, Check Point Threat Intelligence Team has identified a resurgence of an advanced persistent threat (APT) group launching targeted attacks against institutions in the Middle East, particularly the Palestinian Authority. This latest…

Read MoreGaza Cyber Group Strikes Again with New Attacks on Palestinian Authority