Spotify users have been targeted by credential stuffers in a massive attack campaign discovered by a team at vpnMentor on July 3. According to vpnMentor, the database contained hundreds of millions of user records and was hosted on a completely unsecured Easticsearch server. The database contained 72GB of information, including

TikTok has awarded a researcher $4,000 for uncovering and reporting vulnerabilities that could have been exploited to perform account takeover. The bugs were found by Muhammed Taskiran, a German cybersecurity researcher. Taskiran reported the flaws in August, and they have since been patched by the social media platform. Taskiran states

A major power outage that occurred in mid-October in Mumbai, India, may have been the work of some sophisticated hackers. The outage impacted India’s biggest city, causing significant traffic disruption and wreaked havoc on public transportation such as trains and buses. According to authorities, it took two hours to restore

Cybercriminals are increasingly exploiting Google Services to conduct phishing and business email compromise (BEC) attacks, according to research firm Armorblox. Attackers are leveraging services provided by Google, such as Forms, Firebase, Docs, and more. A report from Armorblox shows how Google Forms and Docs are being used by malicious actors

GoDaddy employees have allegedly fallen victim to a series of social engineering phishing scams that led them to facilitate attacks on multiple cryptocurrency exchanges. The scam duped employees into changing email and registration records which were then used by cyberattackers to launch attacks on other organizations. The incident was reported

Facebook has been hosting a bug bounty program for roughly 10 years, which has provided the company with hundreds of bug reports before Facebook employees noticed any vulnerabilities. Recently, Facebook paid out $60,000 to an ethical hacker for reported a bug in Facebook Messenger that could have allowed an attacker

Wei Sun, a former Raytheon employee, has been convicted in the United States on charges related to exporting sensitive military data to China. Sun was an electrical engineer for Raytheon for a decade. This past February, Sun pled guilty to violating the Arms Export Control Act by taking a Raytheon-issued

Researchers have found that robot vacuums are vulnerable to eavesdropping through cyberattacks while inside their homes. Light Detection and Ranging (LiDAR) sensors on robot vacuums contain a bug that could allow an attacker to listen to private conversations. LiDAR technology allows these vacuum robots to navigate around floor obstacles as

Europol and the UN have released an alarming new report detailing how cybercriminals use malicious targeting and abuse of artificial intelligence to conduct cyberattacks. The report predicts that AI will become increasingly popular among adversaries, who will utilize it both as an attack vector and surface. Threat actors are seeking

Microsoft has added new endpoint detection and response capabilities to Linux machines. The new features were made public through a preview feature. This will allow for Linux users to be better protected against threats and have the ability to take action quickly when one arises. Linux EDR will also help