Misconfigured API exposes over 440K Life360 users' data
Included in the compromised information were customers' names, email addresses, and phone numbers, which have been verified to be legitimate by BleepingComputer amid a lack of comment from Life360.
Maximum severity Cisco SSM On-Prem vulnerability addressed
Such a vulnerability, tracked as CVE-2024-20419, could be exploited to facilitate web UI or API access and eventually allow the unauthenticated creation of new user passwords, according to Cisco.
Interpol zeroes in on West African cyber fraud operations
CyberScoop reports Interpol's crackdown on West African cyber fraud and organized crime as part of Operation Jackal III aimed at combating mounting financial fraud across the region has led to 300 arrests across five continents.
Attackers leveraged an updated version of the Demodex kernel-level rootkit with more advanced tools and obfuscation techniques to compromise an unnamed organization's network.
Iranian Cyber-Threat Group Drops New Backdoor, 'BugSleep'
The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear-phishing and legitimate remote management tools but is developing a brand-new homegrown tool set.