A massive data breach has hit LiveJournal, and the data is being advertised on several different hacker forms for free. The information in the leak includes plain text passwords converted from MD5 hashes, as well as email addresses, usernames, and profile URLs. Since May 8th of this year, the data

Researchers have used a new fuzzing tool to uncover a total of 26 vulnerabilities in operating systems Linux, macOS, Windows, and FreeBSD. The research team consists of individuals from Purdue University and the Swiss Federal Institute of Technology Lausanne. The fuzzing tool was created by the researchers and has been

Veracode’s annual State of Software Security report has revealed that researchers found 70 percent of applications available online contain at least one security flaw stemming from the use of an open-source library. This can arguably be attributed to a lack of awareness about where and how open source libraries are

The hacking group ShinyHunters has hit a popular mail-order meal kit company, Home Chef. Home Chef’s customer records were leaked as a result of the breach, according to a notice posted on the company’s website stating that customer information including email addresses, names, phone numbers, encrypted passwords, and four digits

A new version of the ComRAT backdoor has been found by security researchers at ESET. The backdoor is controlled through the Gmail web interface and was discovered when the state-sponsored Russian hacker group Turla began using it to harvest data and steal information in attacks targeting governmental institutions. Other common

Recently, the Veterans Affairs Department launched a chatbot that aims to provide veterans and their caregivers with answers regarding the COVID-19 pandemic. The chatbot was developed in less than a month through the Microsoft Healthcare Bot platform. The tool can be accessed 24/7 to assess symptoms related to COVID-19 as

Dark web trader ShinyHunters has leaked an alleged 40 million user records stolen from the mobile app Wishbone, stating that they had decided to leak the data for free after individuals started to resell it. Cybersecurity vendor Cyble reported the massive data breach, which marks ongoing tension in the cybercrime

Australian shipping giant Toll was hit by Nefilim ransomware earlier this month, marking its second ransomware attack since January. The hack did not result in data getting stolen, however, files were gathered from a corporate server in the attack. The shipping company refused to pay ransom demands made by the

Two vulnerabilities found by cybersecurity firm Claroty have been patched recently by Rockwell Automation. The flaws are related to Electronic Data Sheet (EDS) files and can allow for malicious actors to expand access within a target’s OT network. Earlier this week, advisories for the vulnerabilities were published by Rockwell and

Researchers have uncovered a new series of phishing campaigns that use Google Firebase storage URLs, stating that the threat actors are leveraging the reputation of cloud infrastructure created by Google to lure victims. The phishing campaign begins with spam emails that prompt victims to click on a Firebase link inside