In its October 2023 Patch Tuesday update, Microsoft has addressed a total of 103 vulnerabilities across its software platforms, including two critical zero-day vulnerabilities actively exploited in the wild. This update highlights the ongoing importance of patch management in maintaining cybersecurity defenses. Among the identified vulnerabilities, 13 are categorized as…
Data Breach Exposes 1.4 Billion Email Addresses in Massive Spam Operation A significant data breach has surfaced, revealing a staggering database of approximately 1.4 billion email addresses, correlated with real names, IP addresses, and, in many instances, physical addresses. This incident is regarded as one of the largest security leaks…
Cybersecurity experts have reported that North Korean threat actors are leveraging a critical vulnerability in JetBrains TeamCity, specifically CVE-2023-42793, which carries a severe CVSS score of 9.8. This exploitation allows attackers to breach unprotected servers, with campaigns attributed to two distinct groups: Diamond Sleet, also known as Labyrinth Chollima, and…
A 23-year-old hacker from Utah, Austin Thompson, known online as “DerpTroll,” has received a 27-month prison sentence for orchestrating a series of Distributed Denial of Service (DDoS) attacks targeting various online services, websites, and gaming companies from December 2013 to January 2014. His attacks notably affected major gaming platforms during…
Two British Men Arrested for Attempted Cyber Intrusion into Microsoft’s Networks British law enforcement has apprehended two individuals in connection with a conspiring plot to breach the computer networks of Microsoft, the global tech powerhouse based in the United States. The arrests occurred on June 22, 2017, conducted by detectives…
New Campaign Unveils Widespread Distribution of Astaroth Fileless Malware In a new report from Microsoft, cybersecurity experts reveal the latest details of an extensive campaign involving the notorious Astaroth fileless malware. Initially targeting users in Europe and Brazil earlier this year, this malware has been operational since at least 2017…
A hacker under the alias “888” has reportedly claimed responsibility for a significant data breach impacting the European Space Agency (ESA). The hacker alleges that more than 200 GB of internal data was stolen during an attack on December 18, 2025. This breach reportedly resulted in the complete exfiltration of…
Google has announced a significant expansion of its Vulnerability Rewards Program (VRP) to incentivize researchers to identify attack scenarios specifically targeting generative artificial intelligence systems. This initiative is part of a broader effort to enhance safety and security frameworks surrounding AI technologies. According to Google representatives Laurie Richardson and Royal…
In recent months, a series of sophisticated cyberattacks leveraging artificial intelligence (AI) have raised alarms in the technology sector. One particularly concerning incident involved a prompt injection attack against GitLab’s Duo chatbot, wherein malicious code was embedded within a legitimate code package. This exploit not only blurred the lines between…
