compromised

Hacking

Alert: More Than 2,000 Palo Alto Networks Devices Breached in Current Attack Operation

AndyC 22 November 2024

An approximate of 2,000 Palo Alto Networks devices are believed to have been infiltrated as a part of an ongoing...

Read More

A new SharePoint vulnerability is already being exploited

A recent loophole in SharePoint is currently being taken advantage of

AndyC 5 November 2024

Through initial entry, the intruder breached a Microsoft Exchange service account with domain administrator authorizations, gaining heightened access. The hacker...

Read More

LottieFiles Issues Warning About Compromised

LottieFiles Raises Concern About Compromised “lottie-player” npm Package

AndyC 1 November 2024

October 31, 2024Ravie LakshmananDigital Assets / Application Development LottieFiles has disclosed that its npm component "lottie-player" was compromised in a...

Read More

Fidelity Data Breach Exposes Data of Over 77,000 Customers

Security Incident at Fidelity Compromises Details of More Than 77,000 Clients

AndyC 11 October 2024

During the month of August, data belonging to 77,099 customers of Fidelity Investments in Maine was unlawfully accessed by a...

Read More

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

Assailants Utilize Public .env Files to Infiltrate Cloud and Social Media Accounts

AndyC 17 August 2024

August 16, 2024Ravie LakshmananCloud Security / Application Security A widespread blackmail scheme has breached various organizations exploiting openly available environment...

Read More

Google Workspace Authentication Vulnerability Allowed Thousands of Emails to be Compromised

Security Exploit in Google Workspace Resulted in Compromised Emails

AndyC 31 July 2024

Following the unauthorized creation of Google Workspace accounts by hackers, numerous email addresses have been compromised as they managed to...

Read More

New York Times source code compromised via exposed GitHub token

The New York Times source code compromised via exposed GitHub token

AndyC 9 June 2024

The New York Times source code compromised via exposed GitHub token Pierluigi Paganini June 08, 2024 The leakage of The...

Read More

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...

Read More

ESET Threat Report H2 2025

ESET Threat Report H2 2025

AndyC 17 December 2025

ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

AndyC 20 December 2025

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

AndyC 20 December 2025

Vendor News

Microsoft 365 accounts targeted in wave of OAuth phishing attacks

AndyC 20 December 2025

State-linked and criminal hackers use device code phishing against M365 users

State-linked and criminal hackers use device code phishing against M365 users

AndyC 20 December 2025

Three ways teams can tackle Iran’s tangled web of state-sponsored espionage

Three ways teams can tackle Iran’s tangled web of state-sponsored espionage

AndyC 20 December 2025