Security Bulletin

Intrusions commence lures to install HZ RAT for macOS as an OpenVPN Connect-spoofing installer, which when executed triggers shell command execution, file writing to disk, file delivery to the command-and-control server, and device availability...

Information leaked by the Amazon S3 instance included Paperless Online Voter Applications, National Change of Address applications, and vote by mail ballot applications.

Operations of Razr ransomware commence with unique machine ID, encryption key, and Initialization Vector generation, which are later delivered in unencrypted JSON format to a command-and-control server.

Attackers with unauthorized VPN access were able to infiltrate Park'N Fly's network between July 11 and July 13, enabling the theft of individuals' names, mailing and email addresses, and Canadian Automobile Association and Aeroplan numbers.

Attacks commenced with the delivery of emails redirecting to sway[.]cloud[.]microsoft domain-hosted phishing pages that lured targets into scanning QR codes with their less secure mobile devices, which would facilitate further malicious activity.

Infiltration of Connexure's network resulted in the exfiltration of individuals' full names, birthdates, Social Security numbers, and insurance claim details, said the firm in newly issued data breach notifications.

Here’s a five-point checklist for building a strong vulnerability management team.

LLM automation tools and vector databases can be rife with sensitive data — and vulnerable to pilfering.

African nation's proactive approach to cybersecurity comes amid a rise in painful cyberattacks, including the breach of a major bank.

The exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.