The vulnerability exposes system log files containing passwords, which can be used by attackers to gain unauthorized access. Security firm VulnCheck discovered evidence of small-scale exploitation of the vulnerability.

Users should carefully review app permissions and ensure they are using the latest version of the app to minimize the risk of being targeted by spyware or fake notifications.

The attackers exploit a recent flaw in WinRAR to execute malicious code and gain remote access to compromised systems. They also use a PowerShell script to steal data, including login credentials, from Google Chrome and Microsoft Edge browsers.

The ransomware group demanded an $80 million ransom, but CDW only offered $1 million. CDW states that the affected servers are isolated and not customer-facing, and its systems remain fully operational.

The leaked data also included information from Bluenove, a technology and consulting firm, suggesting a broader cyberattack targeting multiple organizations. Neither Decathlon nor Bluenove have issued an official statement regarding the data leak.

SpyNote hides its presence on the Android home screen and Recents screen, making it difficult to detect, and grants itself additional permissions to record audio, phone calls, log keystrokes, and capture screenshots.

The group claims to have stolen 5TB of patients’ and employee’s information, backups, PII documents, and more. The gang also published a sample as proof of the stolen data.

The ALPHV ransomware group has claimed to have attacked QSI Inc., a major ITM and ATM solutions provider that works with NCR Corporation. The cyberattack could potentially expose sensitive data from various sectors.

The phishing attack starts with an HTML file disguised as a voice message, which leads to the download of a file hosted on a disguised AWS URL. The attackers initially impersonate Zoom but later switch to spoofing Outlook and Teams login pages.

The outages have affected various operations, such as new orders, payments, and access to support systems, leading to customer frustration and the posting of signs by employees.