🛡 Cybersecurity & Privacy 🛡 - News
25.1K subscribers
88.4K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
📔 Over a Third of Grafana Instances Exposed to XSS Flaw 📔

Some 36% of Grafana instances are vulnerable to an account takeover bug, putting DevOps teams at risk.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity
📔 WestJet Investigates Cyber-Attack Impacting Customers 📔

Canadian airline WestJet is investigating a cyberattack that struck on June 13.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity
🦅 NCSC Q1 2025 Report Reveals 14.7% Surge in Cybercrime Financial Losses in New Zealand 🦅

The National Cyber Security Centre (NCSC) has released its latest Cyber Security Insights report for Q1 2025, revealing a troubling 14.7% increase in financial losses reported by New Zealanders due to cybercrime. From January 1 to March 31 this year, New Zealand's NCSC recorded 1,369 cybersecurity incidents. O...

📖 Read more.

🔗 Via "CYBLE"

----------
👁️ Seen on @cibsecurity
🖋️ Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement 🖋️

Meta Platforms on Monday announced that it's bringing advertising to WhatsApp, but emphasized that the ads are "built with privacy in mind." The ads are expected to be displayed on the Updates tab through its Stories-like Status feature, which allows ephemeral sharing of photos, videos, voice notes, and text for 24 hours. These efforts are "rolling out gradually," per the company. The media.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
📔 Brits Lose £106m to Romance Fraud in a Year 📔

New City of London Police data reveals British men and women lost over £100m to romance fraudsters in 2024.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity
🖋️ TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert 🖋️

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
🖋️ Are Forgotten AD Service Accounts Leaving You at Risk? 🖋️

For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts (created for legacy applications, scheduled tasks, automation scripts, or test environments) are often left active with non-expiring or stale passwords. It's no surprise.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
🖋️ Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments 🖋️

Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports. The list of vulnerabilities, which are yet to be.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
🖋️ Backups Are Under Attack: How to Protect Your Backups 🖋️

Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today's ransomware attacks initially target your last line of defense: your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
🖋️ New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks 🖋️

Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware," Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
📔 Taiwan Hit by Sophisticated Phishing Campaign 📔

A phishing campaign targeting Taiwan has been identified, using tax-themed emails and malware like Winos and HoldingHands.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity
📔 Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution 📔

WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L'Oréal.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity
📔 Microsoft Promises to Keep European Cloud Data in Europe 📔

Microsoft's Sovereign Cloud solutions are designed to ensure European cloud data is stored and processed in Europe.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity
🖋️ Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms 🖋️

The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG). "Google Threat Intelligence Group is now aware of multiple intrusions in the U.S. which bear all the hallmarks of Scattered Spider activity," John Hultquist, chief analyst.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
🕵️‍♂️ Hackers Exploit Critical Langflow Flaw to Unleash Flodrix Botnet 🕵️‍♂️

A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity
🕵️‍♂️ WestJet Airlines App, Website Suffer After Cyber Incident 🕵️‍♂️

Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity
📢 23andMe 'failed to take basic steps' to safeguard customer data 📢

The ICO has strong criticism for the way the genetic testing company responded to a 2023 breach.

📖 Read more.

🔗 Via "ITPro"

----------
👁️ Seen on @cibsecurity
📔 UK ICO Fines 23andMe £2.3m for Data Protection Failings 📔

23andMe has been fined over £2m by the UK ICO for failing to adequately protect genetic data.

📖 Read more.

🔗 Via "Infosecurity Magazine"

----------
👁️ Seen on @cibsecurity
🖋️ Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware 🖋️

Cybersecurity researchers are warning of a new phishing campaign that's targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe. The activity is part of a broader campaign that delivered the Winos 4.0 malware framework earlier this January by sending phishing messages impersonating Taiwan's National Taxation Bureau, Fortinet FortiGuard Labs said in a report.

📖 Read more.

🔗 Via "The Hacker News"

----------
👁️ Seen on @cibsecurity
🕵️‍♂️ Operation Endgame: Do Takedowns and Arrests Matter? 🕵️‍♂️

Cybercrime response needs more aggressive actions from those seeking to protect victims and pursue criminals.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity
🕵️‍♂️ Private 5G: New Possibilities — and Potential Pitfalls 🕵️‍♂️

While ushering in "great operational value" for organizations, private 5G networks add yet another layer to CISOs' responsibilities.

📖 Read more.

🔗 Via "Dark Reading"

----------
👁️ Seen on @cibsecurity