data theft

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

0-day, cybercriminals, data theft, distribution sector, Don't miss, exploit, Hot stuff, Intezer, manufacturing sector, News, Solis Security, SQL injection, web shell /

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) 2025-02-05 at 18:49 By Zeljka Zorz XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse management and order fulfillment. According to Intezer and Solis Security […]

React to this headline:

Loading spinner

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) Read More »

Casio UK site compromised, equipped with web skimmer

data theft, Don't miss, Hot stuff, Jscrambler, magento, News, web hacks /

Casio UK site compromised, equipped with web skimmer 2025-02-04 at 13:20 By Zeljka Zorz Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has discovered. The company says that the same skimmer has been added to at least seventeen (and possibly

React to this headline:

Loading spinner

Casio UK site compromised, equipped with web skimmer Read More »

DeepSeek’s popularity exploited to push malicious packages via PyPI

data theft, DeepSeek, Don't miss, Hot stuff, Malware, News, Positive Technologies, PyPI, Python /

DeepSeek’s popularity exploited to push malicious packages via PyPI 2025-02-03 at 15:33 By Zeljka Zorz Two malicious packages leveraging the DeepSeek name have been published to the Python Package Index (PyPI) package repository, and in the 30 minutes or so they were up, they have been downloaded 36 times. The malicious packages The attack started

React to this headline:

Loading spinner

DeepSeek’s popularity exploited to push malicious packages via PyPI Read More »

North Korean IT workers are extorting employers, FBI warns

data theft, Don't miss, enterprise, extortion, Hot stuff, News, North Korea, USA /

North Korean IT workers are extorting employers, FBI warns 2025-01-24 at 16:48 By Zeljka Zorz The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In

React to this headline:

Loading spinner

North Korean IT workers are extorting employers, FBI warns Read More »

MUT-1244 targeting security researchers, red teamers, and threat actors

Checkmarx, cryptojacking, data theft, Datadog, Don't miss, GitHub, Hot stuff, News, phishing, WordPress /

MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has

React to this headline:

Loading spinner

MUT-1244 targeting security researchers, red teamers, and threat actors Read More »

8Base hacked port operating company Luka Rijeka

data theft, Don't miss, EU, Europe, extortion, Hot stuff, maritime industry, News, Ransomware /

8Base hacked port operating company Luka Rijeka 2024-12-09 at 14:48 By Zeljka Zorz Luka Rijeka, a company that offers maritime transport, port, storage of goods and forwarding services in Rijeka, Croatia, has been hacked by the 8Base ransomware group. The group claimed the attack on their dark web data leak site and professed that they’ve

React to this headline:

Loading spinner

8Base hacked port operating company Luka Rijeka Read More »

Android 15 unveils new security features to protect sensitive data

Android, data theft, Don't miss, Google, hardware, mobile devices, News, Privacy, smartphones /

Android 15 unveils new security features to protect sensitive data 2024-10-16 at 13:20 By Help Net Security Android 15 brings enhanced security features to protect your sensitive health, financial, and personal data from theft and fraud. It also introduces productivity improvements for large-screen devices and updates to apps like the camera, messaging, and passkeys. Android

React to this headline:

Loading spinner

Android 15 unveils new security features to protect sensitive data Read More »

Microchip Technology confirms theft of employee data

cyberattack, data theft, Don't miss, Hot stuff, Microchip Technology, News, Ransomware, Semiconductors, USA /

Microchip Technology confirms theft of employee data 2024-09-05 at 12:31 By Zeljka Zorz US-based semiconductor manufacturer Microchip Technology has confirmed that the cyberattack it suffered in August 2024 resulted in the theft of data, including “employee contact information and some encrypted and hashed passwords.” The breach was claimed later that month by the Play ransomware

React to this headline:

Loading spinner

Microchip Technology confirms theft of employee data Read More »

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom

AWS, cloud security, credentials, data theft, Don't miss, extortion, Hot stuff, misconfiguration, News, Palo Alto Networks /

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom 2024-08-15 at 17:16 By Zeljka Zorz Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers

React to this headline:

Loading spinner

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom Read More »

Major data breaches that have rocked organizations in 2024

cybercrime, data breach, Data leak, data theft, News /

Major data breaches that have rocked organizations in 2024 2024-07-16 at 06:31 By Help Net Security This article provides an overview of the major data breaches we covered in 2024 so far, highlighting incidents involving Trello, AnyDesk, France Travail, Nissan, MITRE, Dropbox, BBC Pension Scheme, TeamViewer, Advance Auto Parts, and AT&T. Find out what led

React to this headline:

Loading spinner

Major data breaches that have rocked organizations in 2024 Read More »

The number of known Snowflake customer data breaches is rising

cloud security, credentials, data breach, data theft, Don't miss, enterprise, extortion, Hot stuff, News, Snowflake /

The number of known Snowflake customer data breaches is rising 2024-06-10 at 15:46 By Zeljka Zorz LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases. Snowflake says that their investigation is still ongoing, but continues to

React to this headline:

Loading spinner

The number of known Snowflake customer data breaches is rising Read More »

TotalRecall shows how easily data collected by Windows Recall can be stolen

Artificial Intelligence, data security, data theft, Don't miss, GitHub, Hot stuff, Microsoft, News, PoC, Privacy, software, Windows /

TotalRecall shows how easily data collected by Windows Recall can be stolen 2024-06-05 at 13:16 By Zeljka Zorz Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows’ newly announced Recall feature to steal sensitive information. TotalRecall results (Source: Alexander Hagenah) Copilot+ Recall and its security pitfalls On

React to this headline:

Loading spinner

TotalRecall shows how easily data collected by Windows Recall can be stolen Read More »

Snowflake compromised? Attackers exploit stolen credentials

credentials, data breach, data theft, Don't miss, enterprise, extortion, Hot stuff, Hudson Rock, Mitiga, News, Snowflake /

Snowflake compromised? Attackers exploit stolen credentials 2024-05-31 at 22:17 By Zeljka Zorz Have attackers compromised Snowflake or just their customers’ accounts and databases? Conflicting claims muddy the situation. What is Snowflake? Snowflake is cloud-based data storage and analytics company based in the US, and claims nearly 9,500 organizations around the world as customers. “From an

React to this headline:

Loading spinner

Snowflake compromised? Attackers exploit stolen credentials Read More »

Moonstone Sleet: A new North Korean threat actor

cyber espionage, data theft, Don't miss, Hot stuff, Microsoft, News, North Korea, Ransomware /

Moonstone Sleet: A new North Korean threat actor 2024-05-29 at 15:46 By Zeljka Zorz Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of the North Korean regime. “Moonstone Sleet uses tactics, techniques, and procedures (TTPs) also used by other North Korean

React to this headline:

Loading spinner

Moonstone Sleet: A new North Korean threat actor Read More »

New covert SharePoint data exfiltration techniques revealed

Data exfiltration, data theft, Don't miss, enterprise, Hot stuff, logging, News, SharePoint, Varonis /

New covert SharePoint data exfiltration techniques revealed 2024-04-10 at 18:10 By Zeljka Zorz Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies’ SharePoint server. “These techniques can bypass the detection and enforcement policies of traditional tools, such as cloud access security brokers, data

React to this headline:

Loading spinner

New covert SharePoint data exfiltration techniques revealed Read More »

Fujitsu finds malware on company systems, investigates possible data breach

cyberattack, data breach, data theft, Don't miss, Fujitsu, Hot stuff, Japan, Malware, News /

Fujitsu finds malware on company systems, investigates possible data breach 2024-03-18 at 22:27 By Helga Labus Fujitsu Limited, the largest Japanese IT services provider, has announced that several of the company’s computers have been compromised with malware, leading to a possible data breach. Known details about the Fujitsu data breach The company published the security

React to this headline:

Loading spinner

Fujitsu finds malware on company systems, investigates possible data breach Read More »

Nissan breach exposed data of 100,000 individuals

Australia, data breach, data theft, Don't miss, Hot stuff, manufacturing sector, News, Ransomware /

Nissan breach exposed data of 100,000 individuals 2024-03-18 at 13:46 By Helga Labus Nissan Oceania has confirmed that the data breach it suffered in December 2023 affected around 100,000 individuals and has begun notifying them. First response In early December 2023, the company – a regional Nissan division which includes Nissan Motor Corporation and Nissan

React to this headline:

Loading spinner

Nissan breach exposed data of 100,000 individuals Read More »

43 million workers potentially affected in France Travail data breach

data breach, data theft, Don't miss, EU, France, Government, Hot stuff, News /

43 million workers potentially affected in France Travail data breach 2024-03-18 at 10:29 By Helga Labus French national unemployment agency France Travail (formerly Pôle emploi) and Cap emploi, a government employment service for people with disabilities, have suffered a data breach that might have exposed personal data of 43 million people. The breach The agencies

React to this headline:

Loading spinner

43 million workers potentially affected in France Travail data breach Read More »

Keyloggers, spyware, and stealers dominate SMB malware detections

cybercrime, cybersecurity, data theft, Malware, malware detection, News, report, Sophos, survey /

Keyloggers, spyware, and stealers dominate SMB malware detections 2024-03-13 at 06:06 By Help Net Security In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware,

React to this headline:

Loading spinner

Keyloggers, spyware, and stealers dominate SMB malware detections Read More »

Scroll to Top