EPA Report Reveals Critical Cybersecurity Gaps in US Water Infrastructure
A concerning EPA watchdog investigation has uncovered major cybersecurity vulnerabilities in drinking water systems serving 193 million Americans. The report highlights inadequate security protocols and emergency response planning, raising alarms about potential cyber attacks that could disrupt or contaminate water supplies.
New Chrome Malware Bypasses Cookie Encryption, Exposing User Data
A sophisticated new malware strain can circumvent Google Chrome's cookie encryption mechanisms, allowing cybercriminals to silently harvest sensitive login credentials and session data. The concerning development highlights vulnerabilities in browser security and prompts recommendations for enhanced user protection.
Malicious GitHub Commits Target Security Researcher in Identity Fraud Attack
Multiple open-source projects on GitHub were compromised by unauthorized code commits falsely attributed to security researcher Stephen Lacy. The attack exploited commit verification weaknesses to damage the researcher's reputation, prompting GitHub to investigate and the community to implement stricter authentication measures.
T-Mobile Hit by Data Breach in Latest Attack on Telecom Giants
T-Mobile confirms unauthorized access to its systems in a recent cybersecurity incident, marking the latest in a series of attacks targeting major telecommunications providers. The company is working with security experts and law enforcement while advising customers to change passwords and enable two-factor authentication.
Five Eyes Intelligence Agencies Expose 2023's Most Dangerous Cybersecurity Vulnerabilities
FBI, CISA, NSA and international partners reveal alarming rise in zero-day attacks among 2023's most exploited vulnerabilities. The joint report highlights critical flaws in major systems, with Citrix and Cisco vulnerabilities topping the list of threats to global infrastructure.
Bitdefender Releases Free Tool to Counter New ShrinkLocker Ransomware Threat
Cybersecurity firm Bitdefender has discovered ShrinkLocker, a new ransomware exploiting Windows BitLocker encryption to lock users out of their systems. In response, they've released a free decryption tool to help victims recover data without paying ransom, dealing a significant blow to cybercriminals.
Critical Backdoor Attempt Detected in ExoLabs GitHub Repository
A malicious pull request containing backdoor code was discovered in the popular ExoLabs GitHub repository, highlighting the growing threat of supply chain attacks. The incident serves as a crucial reminder for maintainers to implement strict code review protocols and security measures.
Teen Swatting Mastermind Faces Prison After Orchestrating 375+ Hoax Emergency Calls
An 18-year-old California teen has pleaded guilty to federal charges for conducting one of America's largest swatting campaigns, targeting schools, religious institutions, and government officials. Operating as 'Torswats,' he ran a swatting-for-hire operation that caused widespread fear and chaos across communities.
Amazon Employee Data Exposed in Third-Party MOVEit Security Breach
Amazon confirms exposure of over 2.8 million employee records through a third-party vendor's MOVEit vulnerability. While sensitive financial data remained secure, the breach leaked work-related information and adds Amazon to a growing list of organizations impacted by MOVEit attacks.
Massive Data Breach at Set Forth Exposes 1.5 Million Customers' Personal Information
Set Forth, a major American debt services firm, suffered a significant data breach compromising sensitive data of 1.5 million customers and their families. The company discovered unauthorized system access in May 2024, leading to the theft of personal information including social security numbers.