Security Bulletin

Spotify and Apple Music among defrauded services using a combination of AI tools and bots.

The payment processing service said credit card information was accessed in June 2024.

CISA has added CVE-2024-40766 to its Known Exploited Vulnerabilities catalog.

Because of the high CVSS score and recent issues at Progress with MOVEit transfer, security pros say teams should patch immediately.

Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.

Endpoint security has been around for decades, but changes in device use and the quick evolution of new attacks have triggered the development of new security techniques.

Data broker Whitepages has been sued by a retired West Virginia police officer in a class action after it allegedly published his home address, which constitutes a violation of the state's 2021 statute that prohibits the disclosure of addresses and...

Nearly $561,000 worth of Bitcoin, or less than a third of the demanded ransom, has already been sent by Tosan to IRLeaks' cryptocurrency wallet since both parties began negotiations in early August.

Attacks involved the creation of several ads redirecting to spoofed versions of Lowe's MyLowesLife employee portal in a bid to compromise credentials from current and former workers, according to a report from Malwarebytes Labs.

Despite immediately acting to block the infiltration of the targeted business application, attackers' access between Aug. 3 and Aug. 6 enabled the exfiltration of individuals' names and other sensitive details.

More than 120,000 files and over 1.7 million activity logs leaked by the database revealed Confidant Health patients' psychiatry intake notes, medical histories, disclosures of alcohol and other substance abuse, moods, memory, medications, and...