RondoDox Botnet Operators Set React2Shell Flaw in Their Sights
The bad actors behind the RondoDox botnet are showing themselves to be highly adaptable and able to embrace changing...
Data Privacy
Malware Campaign Abuses Booking.com Against Hospitality Sector
An evolving multi-stage campaign likely run by Russian threat actors that uses a fake Booking.com reservation cancellation message for...
Widely Used Malicious Extensions Steal ChatGPT, DeepSeek Conversations
Two malicious extensions made to look like a legitimate tool and installed more than 900,000 times were used by...
Google Shutting Down Dark Web Report Met with Mixed Reactions
Google’s decision this week to discontinue its dark web report tool is drawing mixed reactions, from some people saying...
Google Chrome Extension is Intercepting Millions of Users’ AI Chats
A Chrome extension that promises security and privacy, has received good ratings from users and a “Featured” badge from Google,...
Hackers Steal Personal Data in 700Credit Breach Affecting 5.6 Million
A data breach at a company that offers credit reports, identity verification, and other services for about 18,000 auto dealerships...
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda spent seven years uploading seemingly legitimate extensions into browser marketplaces, building trust among its growing...
Cybersecurity Coalition to Government: Shutdown is Over, Get to Work
A cybersecurity industry group comprising almost two dozen tech heavyweights – including Google, Cisco, CrowdStrike, and Microsoft – are...
How AI Threats Have Broken Strong Authentication
Identity security has reached a tipping point. Stronger locks are no longer enough when adversaries can look, sound and...
Salesforce: Some Customer Data Accessed via Gainsight Breach
The highly publicized data breaches earlier this fall of Salesforce customers that was linked to Salesloft’s Drift application is...
SEC Dismisses Remains of Lawsuit Against SolarWinds and Its CISO
The Securities and Exchange Commission (SEC) this week dismissed what remained of its two-year-old, high-profile lawsuit against SolarWinds and...
4 U.S. Citizens, Ukrainian Plead Guilty in N. Korea IT Worker Scheme
There’s been extensive changes in cybersecurity policy in the shift from the Biden to Trump Administration, but one area...
The Data Privacy Risk Lurking in Paperless Government
The world is becoming increasingly paperless, and most organizations, including federal agencies, are following suit. Switching from paper-based processes to...
DoorDash Hit by Cybersecurity Breach, Millions of Users Potentially Exposed
Image: mohdizzuanbinroslan/Envato Food delivery operator DoorDash has been hit by another data breach, with millions of users across the US,...
OWASP Top 10 for 2025: What’s New and Why It Matters
In this episode, we discuss the newly released OWASP Top 10 for 2025. Join hosts Tom Eston, Scott Wright,...
