GitHub is warning users that they must enable 2FA on their accounts or face limited functionality on the site. This requirement applies to users contributing code on GitHub and is aimed at protecting accounts from breaches and code alterations.
The Rhysida ransomware group has claimed responsibility for hacking Abdali Hospital in Jordan. The group has published proof of the hack, including stolen documents, and is now auctioning off the sensitive data for 10 BTC.
National Amusements, the parent company of Paramount and CBS, has confirmed a data breach in which hackers stole personal information from 82,128 people. The breach occurred in December 2022 but was only discovered in August 2023.
EasyPark Group, the owner of brands including RingGo and ParkMobile, said customer names, phone numbers, addresses, email addresses, and parts of credit card numbers had been taken but said parking data had not been compromised in the cyberattack.
Europol, along with law enforcement authorities from 17 countries and the European Union Agency for Cybersecurity (ENISA), has partnered with private sector companies to combat digital skimming attacks.
The integration of Atom Security’s technology into Mend.io’s product line is expected to enhance coverage and reduce the number of irrelevant findings in code vulnerabilities.
On December 20, an unknown threat actor had access to Ubisoft’s infrastructure for 48 hours. The attackers attempted to steal user data from the game R6 Siege but were unsuccessful.
The source code for Grand Theft Auto 5 (GTA 5) has reportedly been leaked. This comes over a year after the Lapsus$ hacking group hacked Rockstar Games and stole company data.
The banking malware Carbanak has been observed in ransomware attacks with updated tactics. It has adapted to incorporate new attack vendors and techniques, making it more effective.
The Xamalicious backdoor, implemented with Xamarin, targets Android devices by gaining accessibility privileges and communicating with a C2 server to download a second-stage payload, potentially enabling fraudulent actions without user consent.