Ivanti patches Connect Secure zero-day exploited since mid-March
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a ...
Texas State Bar warns of data breach after INC ransomware claims attack
The State Bar of Texas is warning it suffered a data breach after the INC ransomware gang claimed to have breached the ...
Genetic data site openSNP to close and delete data over privacy concerns
The openSNP project, a platform for sharing genetic and phenotypic data, will shut down on April 30, 2025, and delete all ...
Verizon Call Filter API flaw exposed customers' incoming call history
A vulnerability in Verizon's Call Filter feature allowed customers to access the incoming call logs for another Verizon ...
Oracle privately confirms Cloud breach to customers
Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017.
Recent GitHub supply chain attack traced to leaked SpotBugs token
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise ...
Scallywag ad-fraud operation generated 1.4 billion ad requests per day
A large-scale ad fraud operation called 'Scallywag' is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests.