CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively…
Stolen Path of Exile 2 admin account used to hack player accounts
Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and…
macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers…
Hackers exploit critical Aviatrix Controller RCE flaw in attacks
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors…
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was…
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to…
Data breach compromises STIIIZY customers’ data
Information compromised in the breach included not only names, birthdates, email addresses, and phone numbers, but also Social Security numbers,…
Microsoft MFA outage blocking access to Microsoft 365 apps
Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps. Some affected…
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into…
Scammers file first — Get your IRS Identity Protection PIN now
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to…