Update: A representative from ShinyHunters has reached out to DataBreaches to assert that credit for the recent breach should be attributed to SLH. In a recent announcement posted on the SLSH Telegram channel, it was revealed that the group has gained complete access to REsecurity’s systems. According to the statement,…
Image Source: JFrog Security Research Recent patches have been issued to address two significant vulnerabilities in the Curl data transfer library. These flaws pose a considerable risk, especially one that could potentially lead to remote code execution, drawing the attention of cybersecurity professionals and business owners alike. The vulnerabilities include…
A sophisticated spyware campaign utilizing a rootkit has come to light, wherein cybercriminals disseminate multifunctional malware masquerading as legitimate cracked software or as trojanized applications, often mimicking popular video players, drivers, and even antivirus tools. Known as Scranos, this rootkit malware was initially identified late last year and continues to…
WhatsApp, one of the world’s leading messaging applications, boasts a staggering user base exceeding 3 billion. However, its extensive reach has also made it a prime target for cybercriminals. Recently, researchers uncovered a new form of account hijacking termed “GhostPairing,” allowing attackers to link their browsers to unsuspecting users’ WhatsApp…
Large language models (LLMs) like GPTs have gained notoriety for generating inaccurate information. However, for Erica Burgess, an artificial intelligence cybersecurity architect, these “hallucinations” can serve a beneficial role in threat modeling. “I prefer to view these hallucinations as untested ideas,” she remarked, highlighting their potential in cybersecurity applications. In…
Cybersecurity Breach at University of Phoenix: Sensitive Data Compromised The University of Phoenix is grappling with a significant cybersecurity breach that has potentially exposed the personal information of approximately 3.49 million individuals. This data includes details pertaining to students, alumni, faculty, staff, and select external partners, raising serious concerns about…
Encrypted messaging platform Signal has responded to widespread claims concerning a potential zero-day vulnerability, asserting that no evidence corroborates the reports. Following thorough internal investigation, the company stated it has found no indications that such a flaw exists. Signal emphasized that additional information has not been communicated through official channels,…
Recent investigations reveal that the cybercriminal organization behind the notorious DNSpionage malware campaign has initiated a new operation, deploying a sophisticated variant of DNSpionage to target chosen victims. Initially uncovered in November, the DNSpionage attacks exploited compromised websites and malicious documents to infiltrate systems with a custom remote administrative tool,…
U.S. Charges Russian Intelligence Officers and Hackers in 2014 Yahoo Data Breach In a significant development in cybersecurity, U.S. authorities have charged two Russian intelligence officers and two hackers linked to the massive 2014 Yahoo data breach, which affected over 500 million user accounts. The U.S. Department of Justice disclosed…
