Hacking
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities…
Russia-linked actors target WhatsApp and Signal in phishing campaign
Russia-linked actors target WhatsApp and Signal accounts of officials and journalists via phishing, gaining access to messages and contacts. Threat…
44 Aqua Security repositories defaced after Trivy supply chain breach
Malicious Trivy images on Docker Hub spread infostealer malware, exposing developers after a supply chain attack. Researchers found malicious Trivy…
Pro-Iranian Nasir Security is targeting energy companies in the Gulf
Resecurity tracks Iran-linked Nasir Security targeting Middle East energy firms amid ongoing regional cyber and military threats. Resecurity (USA) is…
Malicious LiteLLM versions linked to TeamPCP supply chain attack
TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access.…
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca
Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information. The Lapsus$ group…
Recent Navia data breach impacts HackerOne employee data
A Navia breach exposed personal data of nearly 300 HackerOne employees after attackers compromised the benefits provider. HackerOne revealed that…
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has…
