39/68 Wednesday, January 29, 2025 A security vulnerability in the Brave Browser, a popular choice among users, has been discovered in desktop versions 1.70.x to 1.73.x. This vulnerability, identified as CVE-2025-23086, falls under CWE-60, which relates to source data tampering. It allows malicious websites to appear as trusted sources during file uploads or downloads. The […]
38/68 Tuesday, January 28, 2025 UnitedHealth Group revealed that the personal and health data of over 190 million individuals were stolen in a cyberattack targeting Change Healthcare, a subsidiary of the company. This breach marks the largest data leak in U.S. history, with the figure significantly higher than the initial estimate of 100 million affected […]
37/68 Tuesday, January 28, 2025 Cybersecurity experts have issued a warning about the spreading MintsLoader malware campaign, which targets organizations in the energy, oil and gas, and legal sectors across the United States and Europe. MintsLoader is designed to deploy secondary malware, such as StealC, a data-stealing tool, and BOINC, an open-source computing platform that […]
36/68 Monday, January 27, 2025 A vulnerability in the Subaru Starlink system has put vehicles and customer accounts in the U.S. and Canada at risk of remote attacks. Cybersecurity researchers Sam Curry and Shubham Shah discovered the flaw, which allows attackers with basic information such as a name, email, or license plate to take control […]
35/68 Monday, January 27, 2025 Microsoft has issued a notice to Windows system administrators that it will discontinue driver synchronization through the Windows Server Update Services (WSUS) on April 18, 2025, 90 days from now. Drivers will still be available for download via the Microsoft Update Catalog but can no longer be imported into WSUS. […]
34/68 Friday, January 24, 2025 A vulnerability has been discovered in the file management software 7-Zip, identified as CVE-2025-0411, which allows attackers to bypass the Mark of the Web (MotW) security feature in Windows. MotW is a Windows security mechanism that tags files downloaded from untrusted sources, such as the internet, to mitigate potential security […]
33/68 Friday, January 24, 2025 Cloudflare revealed on Tuesday that it successfully detected and blocked a distributed denial-of-service (DDoS) attack reaching speeds of up to 5.6 terabits per second (Tbps), marking the largest attack ever recorded. This attack occurred on October 29, 2024, targeting an Internet Service Provider (ISP) in East Asia. The assault utilized […]
32/68 Thursday, January 23, 2025 Ukraine’s Computer Emergency Response Team (CERT-UA) has issued a warning about malicious actors impersonating CERT-UA to send fake AnyDesk connection requests. These requests falsely claim to be for cybersecurity inspections. The attackers are using CERT-UA’s logo and fake AnyDesk IDs to deceive targets, employing social engineering techniques to build credibility. […]
30/68 Wednesday, January 22, 2025 Hewlett Packard Enterprise (HPE) is investigating claims made by IntelBroker, a hacker group that alleges it is selling stolen data and source code from the company. The data in question reportedly includes product source codes such as Zerto and ILO, SAP Hybris systems, digital certificates, Docker files, and legacy user […]
29/68 Wednesday, January 22, 2025 Cybersecurity researchers from CYFIRMA have uncovered new Android malware named Tanzeem and Tanzeem Update. The malware is linked to an Indian APT group known as the DoNot Team or APT-C-35, which primarily targets government organizations, military agencies, foreign ministries, and embassies in South Asian countries such as India, Pakistan, Sri […]
