US marijuana dispensary STIIIZY warns customers of leaked IDs and passports following a November data breach. US marijuana dispensary STIIIZY disclosed a data breach after a vendor’s point-of-sale system... Read more »

Fortinet warns of a phishing campaign using legitimate links to hijack PayPal accounts, tricking users into granting unauthorized access. Fortinet uncovered a phishing campaign targeting PayPal users. The scheme... Read more »

Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS... Read more »

Researchers at Google Project Zero disclosed a now-patched zero-click vulnerability that affects Samsung devices. Google Project Zero researchers disclosed details about a now-patched zero-click vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1),... Read more »

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. CrowdStrike discovered a phishing... Read more »

Japanese authorities attributed a cyber-espionage campaign targeting the country to the China-linked APT group MirrorFace. The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have... Read more »

Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. Medusind is a company that provides medical billing, coding, and... Read more »

A group of hacktivists, known as the Ukrainian Cyber Alliance, breached Russian ISP Nodex, stole sensitive documents, and wiped systems. Ukrainian Cyber Alliance hacked Russian ISP Nodex, stole sensitive... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security... Read more »