Security Bulletin

BleepingComputer reports that Google was discovered by Ethereum Name Service lead developer Nick Johnson to have had an OAuth vulnerability leveraged to facilitate the delivery of a bogus email purporting to be a security alert from the company with...

Android devices have been targeted with the new SuperCard X malware-as-a-service platform to pilfer funds from payment cards as part of a new scam that also involves social engineering and NFC exploitation, according to The Record, a news site by...

Massive ongoing US toll fraud underpinned by Chinese smishing kit Numerous threat actors have been leveraging an SMS phishing kit developed by Chinese threat actor "Wang Duo Yu" to conduct a widespread smishing attack campaign against toll road users...

Distributed denial-of-service malware XorDDoS has been enhanced with a more advanced controller as it continued to proliferate around the world from November 2023 to February 2025, according to Cyber Security News.

Attacks targeting government and contractor companies in Poland and Romania via NTLM exploit.

A ransomware attack and incident involving former employees led to potential HIPAA violations.

Threat actors would be at least temporarily derailed, experts say. But the real issue ladders back to organizations’ weak cyber hygiene.

Sports venue support company said sensitive information was stolen, but offers no further details.

Identity verification, insurance claims, and financial services are all seeing surges in AI-enabled fraud, but organizations are taking advantage of AI systems to fight fire with fire.