Security Bulletin

Major UK multinational education services provider Pearson had mostly legacy corporate and customer information stolen following a cyberattack, BleepingComputer reports.

The U.S. Department of Government Efficiency was reported by journalist Micah Lee to have had one of its software engineers compromised with information-stealing malware.

BleepingComputer reports that malicious code injected into the deprecated yet widely downloaded npm package 'rand-user-agent' as part of a supply chain attack has facilitated the deployment of a remote access trojan on systems where it has been...

Ads with the Apple logo and a link purportedly leading to CNN have been used to promote the fake cryptocurrency token dubbed "iToken" across X, formerly Twitter, as part of an ongoing cryptocurrency scam, Cybernews reports.

More than 38,000 different sub-domains have been utilized to host fraudulent cryptocurrency wallet websites on Amazon S3 and Azure Web Apps as part of the far-reaching FreeDrain cryptocurrency phishing campaign, reports The Hacker News.

We have to move past the longstanding choice of upgrading or accepting risk in our legacy Linux systems.

A 2025. 19. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.04.30. és 2025.05.08. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Increase in attacks using malware known as “TheMoon" seen, says FBI.

A hard-coded JSON Web Token could allow a remote attacker to upload files with root privileges.

Organizations can truly become cyber resilient only after their business and cybersecurity missions align, and a new report from LevelBlue bears that out.