Tag: theft
-
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that personal and financial data was exposed in the Oracle breach. The popular newspaper has approximately 2.5M digital subscribers. Between July 10 and August 22, threat…
-
Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications
Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in activity as customers migrated to rival platforms like Vidar and StealC. However, recent telemetry data reveals a concerning resurgence of Lumma Stealer operations beginning the week of October 20, 2025, accompanied by sophisticated new capabilities…
-
Multiple GitLab Vulnerabilities Allow Prompt Injection and Data Theft
GitLab has released urgent fixes for vulnerabilities that allow prompt injection and data exposure across its platform. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/multiple-gitlab-vulnerabilities-allow-prompt-injection-and-data-theft/
-
The 2025 Healthcare Cyber Crisis: Unified AI Defense Against $10.3M Breaches
Tags: ai, breach, cloud, cyber, data, defense, healthcare, infrastructure, network, ransomware, theftThe U.S. healthcare system has entered its most dangerous cyber era.As digital transformation reshapes patient care, cloud infrastructure, IoT/IoMT ecosystems, and interconnected provider networks, the sector has simultaneously become the #1 most cyber-attacked industry for 13 consecutive years. Ransomware outages, data theft, and multi-week operational disruptions now hit hospitals at an unprecedented scale.With average breach…
-
Crypto Exchanges Hacked Again for Over $100 Million
Tags: crypto, cybercrime, cybersecurity, data, exploit, finance, linkedin, service, software, theft, vulnerabilityCybercriminals continue to target the cryptocurrency industry, this time with an exploit that affected the Balancer decentralized finance platform, with total losses exceeding $100 million and involving several exchanges that use the software across multiple chains. Some of the money was recovered, but over $90 million has been converted to Ethereum by the criminals, likely…
-
The 2025 Healthcare Cyber Crisis: Unified AI Defense Against $10.3M Breaches
Tags: ai, breach, cloud, cyber, data, defense, healthcare, infrastructure, network, ransomware, theftThe U.S. healthcare system has entered its most dangerous cyber era.As digital transformation reshapes patient care, cloud infrastructure, IoT/IoMT ecosystems, and interconnected provider networks, the sector has simultaneously become the #1 most cyber-attacked industry for 13 consecutive years. Ransomware outages, data theft, and multi-week operational disruptions now hit hospitals at an unprecedented scale.With average breach…
-
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/washington-post-data-breach-impacts-nearly-10k-employees-contractors/
-
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/washington-post-data-breach-impacts-nearly-10k-employees-contractors/
-
Top 3 Malware Families in Q4: How to Keep Your SOC Ready
Q3 showed sharp growth in malware activity as Lumma AgentTesla and Xworm drove access and data theft forcing SOC teams toward quicker behavior checks First seen on hackread.com Jump to article: hackread.com/top-3-malware-families-in-q4-how-to-keep-your-soc-ready/
-
Top 3 Malware Families in Q4: How to Keep Your SOC Ready
Q3 showed sharp growth in malware activity as Lumma AgentTesla and Xworm drove access and data theft forcing SOC teams toward quicker behavior checks First seen on hackread.com Jump to article: hackread.com/top-3-malware-families-in-q4-how-to-keep-your-soc-ready/
-
GitLab Vulnerabilities Expose Users to Prompt Injection Attacks and Data Theft
GitLab has released critical security patches addressing nine vulnerabilities across Community Edition (CE) and Enterprise Edition (EE), including a concerning prompt injection flaw in GitLab Duo that could expose sensitive information from confidential issues. The company is urging all self-managed installations to upgrade immediately to versions 18.5.2, 18.4.4, or 18.3.6. The most alarming vulnerability is CVE-2025-6945, a prompt…
-
Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software
Tags: attack, backdoor, cyber, cybersecurity, data, hacker, intelligence, malware, monitoring, software, theft, toolCybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor malware on unsuspecting users’ systems. The attacks abuse LogMeIn Resolve (GoTo Resolve) and PDQ Connect, transforming trusted administrative tools into weapons for data theft and remote system compromise. While the…
-
Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software
Tags: attack, backdoor, cyber, cybersecurity, data, hacker, intelligence, malware, monitoring, software, theft, toolCybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor malware on unsuspecting users’ systems. The attacks abuse LogMeIn Resolve (GoTo Resolve) and PDQ Connect, transforming trusted administrative tools into weapons for data theft and remote system compromise. While the…
-
Synnovis Notifying UK Providers of Data Theft in 2024 Attack
Ransomware Attack on British Pathology Lab Disrupted Patient Care for Months. British pathology laboratory services firm Synnovis has completed a forensics review of data stolen in a June 2024 ransomware attack and is notifying affected healthcare organizations. Those providers will be responsible for notifying their own affected patients, if deemed necessary, the firm said. First…
-
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS
Researchers found Fantasy Hub, a Russian MaaS Android RAT that lets attackers spy, steal data, and control devices via Telegram. Zimperium researchers uncovered Fantasy Hub, a Russian-sold Android RAT offered as Malware-as-a-Service, enabling spying, device control, and data theft via Telegram. The malware allows operators to take over infected devices, gathering SMS messages, contacts, call…
-
GlobalLogic warns 10,000 employees of data theft after Oracle breach
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS) data breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/globallogic-warns-10-000-employees-of-data-theft-after-oracle-breach/
-
Ferocious Kitten APT Uses MarkiRAT for Keystroke and Clipboard Surveillance
Ferocious Kitten, a covert cyber-espionage group active since at least 2015, has emerged as a persistent threat to Persian-speaking dissidents and activists within Iran. The group, known for its careful targeting and evolving tactics, deploys its custom implant >>MarkiRAT
-
Ferocious Kitten APT Uses MarkiRAT for Keystroke and Clipboard Surveillance
Ferocious Kitten, a covert cyber-espionage group active since at least 2015, has emerged as a persistent threat to Persian-speaking dissidents and activists within Iran. The group, known for its careful targeting and evolving tactics, deploys its custom implant >>MarkiRAT
-
Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon
The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control.”Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs,” the Genians…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database
Tags: breach, china, cyber, cybersecurity, data, data-breach, government, hacking, international, leak, theft, toolIn early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, sent shockwaves through the international security community. The incident, reported on November 2, resulted in the theft of over 12,000 classified documents exposing sophisticated state-sponsored cyber weapons, internal hacking tools, and a comprehensive global target list spanning…
-
Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database
Tags: breach, china, cyber, cybersecurity, data, data-breach, government, hacking, international, leak, theft, toolIn early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, sent shockwaves through the international security community. The incident, reported on November 2, resulted in the theft of over 12,000 classified documents exposing sophisticated state-sponsored cyber weapons, internal hacking tools, and a comprehensive global target list spanning…
-
Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database
Tags: breach, china, cyber, cybersecurity, data, data-breach, government, hacking, international, leak, theft, toolIn early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, sent shockwaves through the international security community. The incident, reported on November 2, resulted in the theft of over 12,000 classified documents exposing sophisticated state-sponsored cyber weapons, internal hacking tools, and a comprehensive global target list spanning…