Cybersecurity researchers have recently discovered an incredibly simple phishing campaign that seems to be performing exceptionally well. In a blog post, experts from Cofense described a newly found phishing campaign in which threat actors impersonate a car insurance company. The
Author: Sead Fadilpascaroni263
CISA warns on JetBrains TeamCity flaw that could allow hackers to generate admin accounts
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a recently discovered JetBrains vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, saying it found evidence of active exploitation. “These types of vulnerabilities are frequent attack vectors for malicious cyber
AI-powered social engineering attacks are seeing a huge rise – and that’s a major problem
Hackers have fully adopted generative AI tools into their latest attacks, with unfortunately successful results, new research has claimed. Data from cybersecurity experts Darktrace demonstrates that phishing surged with the general adoption of Chat-GPT, and that these emails have gotten
US sanctions top spyware maker over claims it targeted thousands of Americans
The US government has sanctioned Intellexa Consortium, the company which developed and sold the notorious Predator spyware. The group consists of Intellexa S.A. (Greece), Intellexa Limited (Ireland), Cytrox AD (North Macedonia), Cytrox Holdings ZRT (Hungary), and Thalestris Limited (Ireland). Among
New critical JetBrains security flaw could let hackers hijack entire servers
Cybersecurity researchers have recently discovered two high severity vulnerabilities in JetBrains TeamCity On-Premises software. The software is described as a “powerful and user-friendly Continuous Integration and Deployment server”, that developers can use to build, check, and run automated tests on
Most codebases contain a huge amount of open source vulnerabilities
The number of commercial codebases containing high-risk vulnerabilities integrated through open source components has increased dramatically year-on-year. A report from Synopsys found almost three-quarters (74%) contained vulnerabilities that are being actively exploited, have proof-of-concepts (PoC), or are classified as remote
American Express confirms customer details exposed — third-party data breach sees info leaked online
Some American Express card users may have had their sensitive data exposed to hackers, the company has confirmed. In a breach notification letter sent to affected customers, the credit card giant claimed it wasn’t American Express infrastructure that was breached,
Ivanti VPN security flaws are being attacked again by Chinese hackers
The recently discovered Ivanti VPN security flaws are still being abused, researchers have claimed – with Chinese hackers now taking advantage of the vulnerabilities to deploy all kinds of malware. Cybersecurity researchers from Google-owned Mandiant have claimed the Chinese group
AI models could be attacked, flawed by this Hugging Face security issue — security worries add to AI concerns
There is a way to abuse the Hugging Face Safetensors conversion tool to hijack AI models and mount supply chain attacks. This is according to security researchers from HiddenLayer, who discovered the flaw and published their findings last week, The
Most data breaches on enterprise attack the supply chain
The vast majority of data breaches happening in the enterprise occurred through the software and technology supply chain. This is according to a new research paper published by SecurityScorecard, which claims 75% of all third-party breaches targeted the software and