Iranian-linked group Handala breached California Water Service, leaking 5GB of customer data and exposing critical GPS infrastructure across seven districts.
…
Kali365 abuses the current OAuth device code flow on Microsoft accounts in a sophisticated attempt to dupe users into signing into their accounts
…
HP’s latest threat report reveals hackers are abusing legitimate remote access tools and fake downloads to silently compromise corporate devices.
…
Researchers uncovered a global phishing network using Google Cloud redirects and copied news content across thousands of coordinated servers.
…
China is using fake organizations to pay for intelligence reports, with higher payments for more secrets.
A not-so-private anonymous video chat app has compromised credentials, including usernames, emails, and network information, thanks to a misconfigured Kibana dashboard.
…
The threat actor tricked tens of thousands of MAGA and QAnon community members into believing he was a USAF veteran.
…
FBI links First VPN’s activities to gangs involved in cybercrime and calls for tighter security controls and behavioural monitoring to prevent cyberattacks.
…
Confidence is high, despite malware running rampant and businesses losing login credentials left and right.
A new side-channel attack was discovered but exploiting it is not as easy as it sounds.