Researchers have recently uncovered a sophisticated phishing attack that effectively circumvents a multifactor authentication (MFA) mechanism based on the FIDO (Fast Identity Online) standard, which is increasingly being adopted across various platforms and enterprises. If verified, this development poses significant concerns, as FIDO is generally perceived as robust against credential…
Exposed Adoption Data Raises Privacy Concerns for Gladney Center In late June, security researcher Jeremiah Fowler uncovered a publicly accessible database containing sensitive information related to the adoption process. The database, linked to the Texas-based nonprofit Gladney Center for Adoption, raised immediate alarms due to its implications for vulnerable children…
The Chinese APT group known as Salt Typhoon reportedly penetrated the network of a U.S. state’s Army National Guard for nearly nine months, from March 2024 to December 2024. This breach was highlighted in a June memo from the Department of Homeland Security (DHS), raising alarms about the security of…
Researchers from Cisco’s Talos security team have identified a sophisticated malware-as-a-service (MaaS) operation that exploited public GitHub accounts to distribute various types of malicious software to targeted entities. This innovative distribution method capitalized on GitHub’s widespread acceptance in enterprise environments, where many organizations rely on the platform for software development.…
Cybersecurity researchers have uncovered a new tactic employed by hackers to conceal malware within domain name system (DNS) records, a method that poses significant challenges for traditional defense mechanisms. This technique exploits the mapping of domain names to their respective numerical IP addresses, allowing malicious scripts to operate stealthily. Recent…
A newly uncovered Malware-as-a-Service (MaaS) scheme is leveraging GitHub repositories to disseminate various infostealer families. This discovery was made by cybersecurity analysts at Cisco Talos, who released their findings today. The report details how the threat actors are utilizing the Amadey bot to directly source malware from public GitHub repositories…
Cybersecurity Alert: Vulnerability Detected in SonicWall Secure Mobile Access Devices Recent findings from the Google Threat Intelligence Group have uncovered a concerning trend involving the exploitation of SonicWall Secure Mobile Access (SMA) appliances. These devices are critical components in enterprise networks, tasked with managing secure access for mobile devices. Unfortunately,…
Senator Wyden Questions DNA Collection Practices at DHS and DOJ United States Senator Ron Wyden has raised concerns regarding the collection of DNA from immigrants, including children, by the Departments of Homeland Security (DHS) and Justice (DOJ). In a recent inquiry, Wyden is demanding explanations about the legality, scope, and…
Episource, a medical billing company affiliated with Optum, a subsidiary of UnitedHealth Group, has reported a significant data breach affecting over 5.4 million individuals in the United States. This incident, which occurred earlier this year, has been classified as one of the largest healthcare data breaches recorded in 2025, as…
