Multibillion-dollar corporation Applied Materials, which provides technology for the semiconductor industry, said during an earnings call this week that a ransomware attack on one of its suppliers would cost it $250 million in the next quarter.

A majority of the zero-click exploits are engineered to take advantage of vulnerabilities in applications such as messaging, SMS, or email apps that receive and process untrusted data.

Check Point observed a new malicious campaign targeting corporate entities in Armenia with a new OxtaRAT backdoor variant, with an aim to conduct surveillance. The attack involved a geo-political bait wherein hackers would share an image file (.SCR) masquerading as a PDF file. It is a polyglot file that combines the image and compiled AutoIT […]

Platypus confirmed a loss of “8.5 million” from its main pool and said that deposits were covered at 85%. Other pools were unaffected. The company has contacted the hacker to negotiate a bounty for the return of the funds.

The number of data breaches affecting healthcare providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to Critical Insight.

In a blog post released this week, Twitter said that non-Twitter Blue users using SMS 2FA authentication have until March 20th, 2023, to switch to another 2FA method, or it will be disabled.

In an annual disclosure to investors, internet domain registrar GoDaddy said it is the victim of a three-year-long hacking campaign that installed malware on internal systems and obtained source code.

Researchers discovered a massive network of fake YouTube videos that cybercriminals are using to launch crypto scams. These fake videos advertise fraudulent web-based apps for USDT. To make the channels look legitimate, threat actors automated copy-pasting comments to videos. Many of these videos also encouraged victims to invite friends and family to participate, asking for a […]

“This is different from the plenty of attacks we’ve seen that spoof PayPal. This is a malicious invoice that comes directly from PayPal,” reads an advisory by Avanan published earlier today.

“The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password,” software supply chain security company Illustria said in a report.