Google has moved to patch more Chrome zero-days that are actively under attack as it seems as though Google’s problems with in-the-wild Chrome zero-days are multiplying rapidly. The vulnerabilities patched affect Windows, macOS, and Linux users, pertaining to CVE-2021-21206 and CVE-2021-21220. Google did not provide any other details on the

A set of nine vulnerabilities are currently exposing roughly 100 million devices worldwide, according to researchers. The vulnerabilities lie in the basic code that dictates how devices communicate with the internet. What cybersecurity researchers are questioning is how to implement changes and effective defenses that will actively combat these types

Sweden’s national sports federations was allegedly hacked by the Russian military in 2017-2018, according to a new report released on Tuesday. The data-breaching campaign also affecting some of the world’s leading sports bodies, such as FIFA and the World Anti-Doping Agency. The country called the incident a series of repeated

Cybercriminals are leveraging zero-day vulnerabilities in Microsoft Exchange servers, dropping cryptocurrency mining malware as part of a campaign that seeks to secretly steal the processing power of compromised systems. The campaign is targeted towards financial gain and is currently ongoing, according to advisories published by several US agencies, including warnings

The Netherlands is still struggling to recover after a recent ransomware attack on a key logistics supplier, resulting in empty shelves at several branches of the country’s largest supermarket chain recently. Albert Heijn is an industry giant and provides food to a large portion of the country, with 1,000 locations.

Security researchers have found an SQL file containing the personal data of 1.3 million Clubhouse users available on a hacker forum for free. The information in the file includes names, user IDs, photo URLs, number of followers, dates the accounts were created, profile information, who invited the user to the

Microsoft has warned of a new campaign utilizing legitimate website contact forms to target victims with URLs that ultimately deliver a banking Trojan. The attack campaign is delivering the IcedID banking Trojan to businesses via emails containing fake legal threats, creating a sense of urgency and luring victims into clicking

According to Group-IB, a database containing stolen payment cards has been hit by hackers, who were able to lift the information off of the Swarmshop cyber-underground card market. The hackers leaked the information online, putting consumers in the US and across globe at risk for identity fraud, theft, and other

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has released a new tool that aims to help organizations detect a potential compromise to Microsoft 365 and Microsoft Azure. The tool has been named Aviary and includes a dashboard that facilitates the analysis of output from Sparrow, a

The National Cyber Security Center (NCSC) has released a critical security alert detailing how cybercriminals are actively exploiting a Fortinet VPN vulnerability to distribute ransomware. Kaspersky reported on the flaw earlier this month, stating that criminals are seeking out unpatched systems and are able to exploit the flaw to remotely