Chinese hacking groups team up in cyber espionage campaign

Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace [...]

https://www.bleepingcomputer.com/news/security/chinese-hacking-groups-team-up-in-cyber-espionage-campaign/

 Club Penguin fans breached Disney Confluence server, stole 2.5GB of data

Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned. [...]

https://www.bleepingcomputer.com/news/security/club-penguin-fans-breached-disney-confluence-server-stole-25gb-of-data/

 Check-in terminals used by thousands of hotels leak guest info

Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms. [...]

https://www.bleepingcomputer.com/news/security/check-in-terminals-used-by-thousands-of-hotels-leak-guest-info/

 Advance Auto Parts stolen data for sale after Snowflake attack

Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account. [...]

https://www.bleepingcomputer.com/news/security/advance-auto-parts-stolen-data-for-sale-after-snowflake-attack/

 Google Chrome reduced cookie requests to improve performance

Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-reduced-cookie-requests-to-improve-performance/

 FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out

The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free. [...]

https://www.bleepingcomputer.com/news/security/fbi-recovers-7-000-lockbit-keys-urges-ransomware-victims-to-reach-out/

 Linux version of TargetCompany ransomware focuses on VMware ESXi

Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads. [...]

https://www.bleepingcomputer.com/news/security/linux-version-of-targetcompany-ransomware-focuses-on-vmware-esxi/

 PandaBuy pays ransom to hacker only to get extorted again

Chinese shopping platform Pandabuy told BleepingComputer it previously paid a ransom not to leak stolen data after the same threat actor began extorting the company again this week. [...]

https://www.bleepingcomputer.com/news/security/pandabuy-pays-ransom-to-hacker-only-to-get-extorted-again/

 New Gitloker attacks wipe GitHub repos in extortion scheme

Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information. [...]

https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/

 New Fog ransomware targets US education sector via breached VPNs

A new ransomware operation named 'Fog' launched in early May 2024, using compromised VPN credentials to breach the networks of educational organizations in the U.S. [...]

https://www.bleepingcomputer.com/news/security/new-fog-ransomware-targets-us-education-sector-via-breached-vpns/

 Ukraine says hackers abuse SyncThing data sync tool to steal data

The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed "SickSync," launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces. [...]

https://www.bleepingcomputer.com/news/security/ukraine-says-hackers-abuse-syncthing-data-sync-tool-to-steal-data/

 Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploit-2018-thinkphp-flaws-to-install-dama-web-shells/

 Los Angeles Unified School District investigates data theft claims

Los Angeles Unified School District (LAUSD) officials are investigating a threat actor's claims that they're selling stolen databases containing records belonging to millions of students and thousands of teachers. [...]

https://www.bleepingcomputer.com/news/security/los-angeles-unified-school-district-investigates-data-theft-claims/

 PHP fixes critical RCE flaw impacting all versions for Windows

A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide. [...]

https://www.bleepingcomputer.com/news/security/php-fixes-critical-rce-flaw-impacting-all-versions-for-windows/

 Microsoft makes Windows Recall opt-in, secures data with Windows Hello

Following massive customer pushback after it announced the new AI-powered Recall for Copilot+ PCs last month, Microsoft says it will update the feature to be more secure and require customers to opt in to enable it. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-makes-windows-recall-opt-in-secures-data-with-windows-hello/

 Frontier warns 750,000 of a data breach after extortion threats

Frontier Communications is warning 750,000 customers that their information was exposed in a data breach after an April cyberattack claimed by the RansomHub ransomware operation. [...]

https://www.bleepingcomputer.com/news/security/frontier-warns-750-000-of-a-data-breach-after-extorted-by-ransomhub/

 Christie's starts notifying clients of RansomHub data breach

British auction house Christie's is notifying individuals whose data was stolen by the RansomHub ransomware gang in a recent network breach. [...]

https://www.bleepingcomputer.com/news/security/christies-starts-notifying-clients-of-ransomhub-data-breach/

 Apple to unveil new 'Passwords' password manager app for iPhones, Macs

Apple will reportedly unveil a standalone password manager named 'Passwords' as part of iOS 18, iPadOS 18, and macOS 15 during the upcoming Apple Worldwide Developers Conference. [...]

https://www.bleepingcomputer.com/news/security/apple-to-unveil-new-passwords-password-manager-app-for-iphones-macs/

 LastPass says 12-hour outage caused by bad Chrome extension update

LastPass says its almost 12-hour outage yesterday was caused by a bad update to its Google Chrome extension. [...]

https://www.bleepingcomputer.com/news/security/lastpass-says-12-hour-outage-caused-by-bad-chrome-extension-update/

 DDoS attacks target EU political parties as elections begin

Hacktivists are conducting DDoS attacks on European political parties that represent and promote strategies opposing their interests, according to a report by Cloudflare. [...]

https://www.bleepingcomputer.com/news/security/ddos-attacks-target-eu-political-parties-as-elections-begin/

 New York Times source code stolen using exposed GitHub token

Internal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company's GitHub repositories in January 2024, The Times confirmed to BleepingComputer. [...]

https://www.bleepingcomputer.com/news/security/new-york-times-source-code-stolen-using-exposed-github-token/