The World Baseball Softball Confederation (WBSC) left a data repository exposed, including sensitive files such as copies of 4,600 national passports, putting individuals at risk of identity theft and other fraudulent activities.

The industry argues that KYC could cost billions of dollars in administrative costs and raise privacy concerns, while sophisticated hackers would easily work around these requirements.

The Budworm APT group is evolving its cyber arsenal. Budworm’s signature technique consists of executing SysUpdate on victims’ networks by sideloading the DLL payload using the authentic INISafeWebSSO application – a tactic it has employed since at least 2018. Organizations should proactively update and patch their systems to counter known vulnerabilities exploited by tools like […]

The attack caused delays at airports and affected several Russian air carriers, including Aeroflot. The Ukrainian hacktivist group IT Army claimed responsibility for the attack.

The CACTUS ransomware group employs unique encryption techniques, including hiding the decryption key within a file named ntuser.dat, to evade detection by anti-virus software.

Improper configuration of third-party software like TeslaMate can result in privacy breaches, compromising the owner’s daily routine and posing risks such as planned robberies.

Prompt injection attacks manipulate LLMs by introducing malicious commands into free text inputs, posing a significant threat to cybersecurity and potentially leading to unauthorized activities or data leaks.

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a national public service campaign called “Secure our World” to raise awareness of cybersecurity in local communities.

The attackers utilized typosquatting and code modifications to trick developers into installing malicious packages and continuously refined their techniques to evade detection.