The multi-stage dissemination of Xeno RAT via Discord CDN demonstrates the use of deceptive tactics such as disguised shortcut files to deliver and execute the open-source malware.
The cyberattack left LoanDepot’s customers unable to make payments or access their online accounts, and the company expects the incident to impact its fiscal first quarter earnings by $12 to $17 million.
Cybersecurity researchers discovered a vulnerability in the Hugging Face Safetensors conversion service that could be exploited by attackers to compromise machine learning models submitted by users, leading to supply chain attacks.
Zyxel has identified and patched four critical vulnerabilities in its firewall and access point products, including flaws that could lead to remote code execution and denial-of-service attacks.
The new version of Pikabot features simpler encryption algorithms, anti-debugging methods, and plaintext bot configuration, indicating a new codebase with potential future improvements.
A 49-year-old Russian national has been charged with carrying out a cyberattack on a local power plant, resulting in a widespread blackout in 38 villages in the Vologda region.
The Russian Foreign Intelligence Service (SVR) cyber actors, also known as APT29 or Cozy Bear, have shifted their tactics to target cloud environments as organizations increasingly move to cloud-based infrastructure.
The British privacy watchdog has ordered a leisure center contractor, Serco Leisure, to stop using facial recognition and fingerprint scanning to track employees at 38 leisure facilities.
ThyssenKrupp, a major steel producer and industrial engineering firm, experienced a cyberattack on its Automotive division, leading to a forced shutdown of IT systems as part of the response and containment measures.
The education sector faces significant cybersecurity risks due to factors such as BYOD culture, vast student data troves, and resource scarcity, making strong cybersecurity measures crucial.