Security Bulletin

U.S. payments processing firm Payoneer has disclosed that some of its customer accounts were compromised as a result of a phishing campaign following reports from several users noting account breaches, password replacements, and fund exfiltration...

Numerous companies, universities, colleges, government agencies, and municipalities across Sweden have been impacted by outages after Finnish IT services and enterprise cloud hosting firm Tietoevry had one of its Sweden-based data centers compromised...

Massachusetts-based Anna Jaques Hospital was admitted to be compromised by the Money Message ransomware gang in a Christmas Day attack, which it claims resulted in the exfiltration of 600GB of data, as well as information from Beth Israel Lahey...

BleepingComputer reports that the recently discovered 3AM ransomware operation, also known as ThreeAM, has been found to be associated with the Conti and Royal ransomware gangs.

Widespread phishing campaign deployed by reemerging TA866 Threat operation TA866 has reemerged with a new massive phishing campaign aimed at North America after being absent from the threat landscape for nine months, The Hacker News reports.

Attacks exploiting a critical out-of-bounds write zero-day vulnerability in VMware Center Server, tracked as CVE-2023-34048, have been deployed by Chinese cyberespionage operation UNC3886 since 2021, two years before the flaw was identified and...

Over 500 military bases across Russia and Russia-occupied regions in Ukraine, including the Russian Army's military headquarters, had their maps and construction plans exfiltrated following a cyberattack by Ukrainian hacking operation Blackjack...

Thousands of vulnerable servers may be open to cyberattacks exploiting the max-severity CVE-2023-46604 bug.

Even the most careful VMware customers may need to go back and double check that they weren't compromised by a zero-day exploit for CVE-2023-34048.