A threat actor has been observed abusing compromised AWS keys to encrypt data in S3 buckets…
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks
The US cybersecurity agency CISA is urging federal agencies to patch a second vulnerability in BeyondTrust…
Many Ivanti VPNs Still Unpatched as UK Domain Registry Emerges as Victim of Exploitation
A significant number of Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability, and…
Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments
Threat actors are exploiting a critical-severity remote code execution (RCE) vulnerability in Aviatrix Controller to deploy…
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
A high-severity flaw impacting select Four-Faith industrial routers has come under active exploitation in the wild,…
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
The United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has proposed new…
Rhode Islanders’ Data Was Leaked From a Cyberattack on State Health Benefits Website
Cybercriminals who hacked Rhode Island’s system for health and benefits programs have released files to a…
Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign
The supply chain attack in which cybersecurity firm Cyberhaven’s Chrome extension was compromised to steal users’…
Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident
Chinese hackers remotely accessed US Treasury Department workstations and unclassified documents after compromising a cloud-based service…
Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks
Palo Alto Networks informed customers late last week that it has patched a zero-day vulnerability that…