News

The Hacker News4h
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.
Guardians of digital lives: Human Heart of cybersecurity innovation
By 2040, self-healing networks and global defense fabrics could secure our digital world, but only with governance and ...
Federal News Network18h
Here’s how VA envisioned cutting 83,000 employees before scrapping its plans
The VA proposed cutting 5% of clinical roles across the Veterans Health Administration, largely through attrition and closing ...
Mobile ID World20h
Massive OAuth Phishing Campaign Bypasses Microsoft 365 MFA Security
A sophisticated cyber campaign targeting Microsoft 365 users employs fake OAuth applications to circumvent multifactor authentication (MFA) protections, representing the latest evolution in ...
GovInfoSecurity23h
ISMG Editors: ToolShell Exploit Blurs Crime and Espionage
In this week's update, four ISMG editors discussed the latest on the ToolShell exploit and the rise of Warlock ransomware, ...
Microsoft Used China-Based Engineers to Support Product Recently Hacked by China
Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in its popular SharePoint software but ...
Crain's Chicago Business1d
Tastytrade co-founder's option-trading show taps into retail fever
Tastytrade charges about $1 to open an options contract. It also makes money from routing trades to market makers like ...
SecurityWeek1d
In Other News: Microsoft Probes ToolShell Leak, Port Cybersecurity, Raspberry Pi ATM Hack
Microsoft investigates whether the ToolShell exploit was leaked via MAPP, port cybersecurity, physical backdoor used for ATM ...
Hackaday1d
This Week In Security: Spilling Tea, Rooting AIs, And Accusing Of Backdoors
The Tea app has had a rough week. It’s not an unfamiliar story: Unsecured Firebase databases were left exposed to the ...
The Hacker News1d
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...
CSO Online1d
Cybercrooks faked Microsoft OAuth apps for MFA phishing
Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to ...
HealthcareInfoSecurity2d
Breach Roundup: Did China Have a Sneak Peek Into ToolShell?
Did China sneak a peak into ToolShell? ToolShell hacking in South Africa. Cisco flaws. Arizona woman sentenced for aiding ...