The Breach News

Google OAuth Flaw Exposes Millions Through Unsecured Startup Domains

Recent investigations have unveiled a serious vulnerability within Google’s “Sign in with Google” authentication system, which can be exploited through a peculiar loophole in domain ownership. This flaw potentially allows unauthorized users to access sensitive data associated with former employees of defunct companies. Dylan Ayrey, co-founder and CEO of Truffle…

Stellantis, Manufacturer of Citroën, FIAT, Jeep, and More, Confirms Data Breach

Stellantis, the multinational automotive corporation behind brands such as Citroën, FIAT, Jeep, Chrysler, and Peugeot, has disclosed a data breach impacting its North American customers. This incident highlights significant vulnerabilities in third-party service provider networks associated with customer service operations. On Sunday, Stellantis reported the detection of unauthorized access to…

Hackers Leverage Vulnerability in Paragon Partition Manager Driver for Ransomware Attacks

Recent investigations have unveiled that cybercriminals have exploited a critical vulnerability in the BioNTdrv.sys driver of Paragon Partition Manager, leveraging it in ransomware attacks to escalate privileges and execute unauthorized code. This significant zero-day vulnerability, classified as CVE-2025-0289, is part of a broader set of five vulnerabilities identified by Microsoft…

Chinese Hackers Compromise MiMi Chat App to Target Windows, Linux, and macOS Users

Recent investigations by cybersecurity firms SEKOIA and Trend Micro have uncovered a new campaign led by the Chinese threat actor known as Lucky Mouse. This operation involves deploying a compromised version of the MiMi chat application, which serves as a vector for backdoor attacks on systems across multiple platforms. The…

Study Reveals 1.2 Million Medical Devices Vulnerable Online

Recent revelations highlight a critical vulnerability within the healthcare sector, where millions of medical devices are at risk due to inadequate security measures, including default credentials and weak passwords. Soufian El Yadmani, CEO and co-founder of Modat, shared insights from recent research indicating that these security misconfigurations expose sensitive medical…

Google’s March 2025 Android Security Update Addresses Two Actively Exploited Vulnerabilities

Google has published its March 2025 Android Security Bulletin, addressing a staggering total of 44 vulnerabilities. Among these, two high-severity vulnerabilities have been flagged as actively exploited in real-world settings. This ongoing risk emphasizes the necessity for business owners to maintain vigilance in their cybersecurity posture. The first vulnerability, identified…
