Tag: service
-
Conduent Hack Victim Count Now Tops 62.2 Million
Back-Office Servicer’s Breach Estimate Has More Than Doubled Since February. The victim tally in back-office services firm Conduent Business Services’ 2024 hack has more than doubled to over 62.2 million individuals, from an earlier estimate of 25 million plus. The incident is now on track to be at least the third-largest health data breach ever…
-
Atlas Menu Data Breach Exposes 64,000 GTA V and CS2 Cheat Service Users
Atlas Menu Data Breach exposes 64,000 GTA V and CS2 cheat service users, leaking emails, IPs, support tickets and hashed passwords. First seen on hackread.com Jump to article: hackread.com/atlas-menu-data-breach-exposes-gta-v-cs2-cheat-users/
-
New Magecart Attack Abuses Stripe as Malware C2
A novel Magecart campaign that weaponizes legitimate cloud services to evade detection: attackers are storing a JavaScript skimmer inside Stripe customer metadata and delivering it to victim checkouts via Google Tag Manager. The combination makes Stripe both the command server for arbitrary code and the durable exfiltration sink for stolen card data, using domains (googletagmanager.com…
-
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework.ReliaQuest has assessed with moderate to high confidence that the espionage-focused activity is linked to China.”OP-512 was highly likely conducting espionage through a First seen on thehackernews.com…
-
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework.ReliaQuest has assessed with moderate to high confidence that the espionage-focused activity is linked to China.”OP-512 was highly likely conducting espionage through a First seen on thehackernews.com…
-
PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network
Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor tracked as PCPJack compromised 230 cloud servers across Amazon Web Services, Google Cloud, and Microsoft Azure and turned them into a covert email relay network. Hunt.io researchers discovered the operation because PCPJack…
-
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network.”Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer every…
-
Most pros have seen AI hallucinations in IT operations
Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/05/ai-hallucinations-it-operations-research/
-
EU Prepares Path for Shutting Out US Cloud Providers
Commission Proposes That Sensitive Public Data Should Be Kept Local. The European Union’s executive arm singled a strong dislike for U.S. cloud service provider participation in public-sector procurements in a long-delayed legislative package meant to bolster continental self-sufficiency. The proposal called for sensitive public data to be stored locally. First seen on govinfosecurity.com Jump to…
-
Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services
Proton uses machine learning models to detect abuse of its services especially email addresses used by cybercriminals First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/how-proton-fights-against/
-
Capita launched civil service pension scheme site without ‘basic’ web security
Tags: serviceOutsourcer went live with its troubled civil service pensions administration without a basic Domain Name System security feature First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643878/Capita-launched-civil-service-pension-scheme-site-without-basic-web-security
-
Proofpoint: TA4922 Deploys New RAT and Loader Arsenal
A rapidly evolving threat cluster tracked as TA4922, a Chinese-speaking cybercriminal actor deploying a diverse and expanding malware arsenal that now includes Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT. The group is notable for its high operational tempo, shifting tactics, and ability to blend custom malware with legitimate tools and cloud services, complicating detection efforts across…
-
Kali365 PhaaS Expands to Okta, MAX Messenger Attacks
Tags: attack, cyber, infrastructure, intelligence, microsoft, monitoring, okta, phishing, russia, service, theft, threatThe Kali365 phishing-as-a-service (PhaaS) platform has significantly expanded its operational scope, moving beyond Microsoft 365 token theft to target Okta single sign-on (SSO) environments and Russia’s rapidly growing MAX Messenger platform. New threat intelligence reveals a more mature, multi-brand phishing ecosystem with centralized infrastructure, real-time token monitoring, and geographically targeted campaigns. Previously documented for abusing…
-
Microsoft Introduces Always-On AI Agent Scout for Teams, Outlook, and More
Microsoft has introduced an always-on AI agent named “Scout,” marking the debut of a new category of enterprise automation called “Autopilots.” Announced on June 2, Microsoft Scout is designed to operate continuously across Microsoft 365 services such as Teams, Outlook, OneDrive, and SharePoint, shifting AI from reactive assistants to proactive systems that execute tasks autonomously…
-
Microsoft Introduces Always-On AI Agent Scout for Teams, Outlook, and More
Microsoft has introduced an always-on AI agent named “Scout,” marking the debut of a new category of enterprise automation called “Autopilots.” Announced on June 2, Microsoft Scout is designed to operate continuously across Microsoft 365 services such as Teams, Outlook, OneDrive, and SharePoint, shifting AI from reactive assistants to proactive systems that execute tasks autonomously…
-
Microsoft Introduces Always-On AI Agent Scout for Teams, Outlook, and More
Microsoft has introduced an always-on AI agent named “Scout,” marking the debut of a new category of enterprise automation called “Autopilots.” Announced on June 2, Microsoft Scout is designed to operate continuously across Microsoft 365 services such as Teams, Outlook, OneDrive, and SharePoint, shifting AI from reactive assistants to proactive systems that execute tasks autonomously…
-
VMware Cloud Foundation 9.1 gives partners a bigger private cloud services play
First seen on scworld.com Jump to article: www.scworld.com/news/vmware-cloud-foundation-9-1-gives-partners-a-bigger-private-cloud-services-play
-
New ‘HTTP/2 Bomb’ DoS attack crashes web servers in under a minute
A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-http-2-bomb-dos-attack-crashes-web-servers-in-under-a-minute/
-
Russia’s FSB Says Foreign Spies Infected Officials’ Phones With Malware
Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The…
-
Proofpoint Ramping Up Big MSP Growth Push In North America: Exec
Proofpoint’s launch of a business unit and Microsoft 365 security platform focused on meeting the needs of MSPs and their SMB customers marks a major advancement for the managed service provider market, according to an MSP executive. First seen on crn.com Jump to article: www.crn.com/news/security/2026/proofpoint-ramping-up-big-msp-growth-push-in-north-america-exec
-
Malware campaign targeting Minecraft users infects over 116,000 systems
A Malware-as-a-Service (MaaS) operation named WeedHack is targeting Minecraft users and allows threat actors to gain remote access to victims’ screens, webcams, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/03/weedhack-minecraft-malware-campaign/
-
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora.The vulnerability has been codenamed HTTP/2 Bomb by Calif.”The vulnerable behavior exists in each server’s default HTTP/2 configuration,” the company said, adding it was discovered by OpenAI Codex by chaining First seen on…
-
HazyBeacon Campaign Abuses AWS for Stealthy C2 Communications
Tags: attack, cloud, communications, control, cyber, espionage, government, network, service, threatA newly documented cyber espionage operation known as HazyBeacon, tracked as CL-STA-1020, is leveraging Amazon Web Services (AWS) to build stealthy command-and-control (C2) channels that are difficult for defenders to detect. The campaign primarily targets government networks in Southeast Asia and represents a growing shift toward cloud-native attack infrastructure. This misconfiguration enables threat actors to…
-
HTTP/2 Bomb Remote DoS Exploit Impacts nginx, Apache, IIS, Envoy, and Cloudflare Pingora
A newly disclosed “HTTP/2 Bomb” attack is raising serious concerns across the web infrastructure ecosystem, enabling remote denial-of-service (DoS) conditions against widely deployed servers including nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora. Overview of the HTTP/2 Bomb Attack Security researcher Quang Luong, working with the Codex team, uncovered a novel exploitation technique that…
-
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims’ systems.The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee Labs, stating the activity has been active since January 2026 and impersonates Minecraft clients and mods to infect users. In all, 3820 First…
-
Red Hat Confirms Supply Chain Breach Impacting @redhatservices npm Packages
Red Hat has confirmed a supply chain security breach impacting multiple npm packages under the @redhat-cloud-services namespace, as detailed in security bulletin RHSB-2026-006 released on June 2, 2026. The incident was publicly disclosed a day earlier and stems from a compromised GitHub account that introduced malicious code into trusted repositories maintained within Red Hat’s infrastructure.…
-
Grand Theft Auto V cheat service Atlas Menu hacked, user data exposed
First seen on scworld.com Jump to article: www.scworld.com/brief/grand-theft-auto-v-cheat-service-atlas-menu-hacked-user-data-exposed
-
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/fbi-flagged-phishing-kit-kali365-expands-its-reach
-
TCS and Mistral AI Sign Strategic Partnership
TCS to Build and Deploy Custom AI Models Using Mistral Forge. Tata Consultancy Services struck a strategic partnership with Mistral AI, making it the first global systems integrator to deliver Mistral Forge to enterprise clients, the Indian and French companies announced this week. The deal hands TCS access to Paris-based Mistral’s frontier models. First seen…
-
TCS and Mistral AI Sign Strategic Partnership
TCS to Build and Deploy Custom AI Models Using Mistral Forge. Tata Consultancy Services struck a strategic partnership with Mistral AI, making it the first global systems integrator to deliver Mistral Forge to enterprise clients, the Indian and French companies announced this week. The deal hands TCS access to Paris-based Mistral’s frontier models. First seen…