In the most recent Patch Tuesday, Microsoft released fixes 66 CVEs, including an RCE bug under active attack. Three of the bugs that were patched in the update were rated critical. One of which has been under active attack for nearly two weeks. One of the other bugs included in

The Justice Department has announced a deal with three former US Intelligence operatives that allows them to pay a fine rather than face jail time for breaking multiple laws when conducting offensive hacking for the government of the United Arab Emirates. The deal is controversial, as it allows the three

A new security vulnerability in the WooCommerce Multi-Currency plugin could allow any customer to change the pricing for products in online stores. WooCommerce is a popular plugin for WordPress websites whereas the Multi-Currency plugin from Envato allows e-tailers to use WooCommerce to set pricing for international shoppers. The plugin is

This week, Apple released an urgent update that mitigates a critical vulnerability exploited by the Pegasus mobile software. The flaw, which is tracked as CVE-2021-30860, was first discovered by security researchers at the University of Toronto’s Citizen Lab when analyzing the iPhone of a Saudi activist who had been targeted

Ukrainian national Glib Oleksandr Ivanov-Tolpintsev has been extradited to the United States and is facing charges associated with decrypting the credentials of thousands of computers across the world and selling them on dark web forums. Ivanov-Tolpintsev was initially arrested in Poland on October 3, 2020, however, he will now travel

A MyRepublic data breach has raised controversy over security for critical data being housed in third-party infrastructure, according to researchers. Almost 79,000 MyRepublic mobile subscribers have been exposed in a data breach that affected personal information such as scanned copies of Singapore’s National Registration Identity cards, names, pictures, dates of

A new Android banking trojan referred to as SOVA is currently under active development, according to researchers. The malware is reportedly looking to incorporate several tools into its arsenal, including ransomware functionality, distributed denial of service, and man in the middle. The banking trojan already boasts functions such as banking

Singapore has delayed new laws that would arm the government with the ability to issue directives to different platforms, such as social media sites. The government would also obtain the power to block or remove any content deemed to be a part of hostile information campaigns. The proposed bill was

According to a statement released by Fortinet, credentials stolen from 87,000 unpatched SSL-VPNs have been posted to an online forum by former Babuk gang members for free. On Wednesday, BleepingComputer reported that it had been a miscommunication with a threat actor who leaked nearly half a million Fortinet VPN credentials.

Two healthcare organizations have begun distributing breach notification letters after both revealed that sensitive information had been compromised as a result of recent cyberattacks. The data accessed by cybercriminals includes Social Security numbers, treatment information, and diagnosis data. Those who were impacted by the attack are located in California and