Cybersecurity experts and federal authorities are warning that the Scattered Spider hackers are now targeting aviation and transportation, indicating a significant increase in their activities. The FBI has announced that the cybercriminal group UNC3944 is now targeting the airline industry using advanced social engineering to attack major carriers. This alert …
Read More »
A new report from SafetyDetectives reveals that hackers posted a massive 3.1GB dataset online, containing about 61 million records reportedly from ‘Verizon USA’. The author marked this information as ‘2025’, hinting at a possible new data breach. Sensitive information revealed includes names, birth dates, tax IDs, addresses, and phone numbers. …
Read More »
A significant security vulnerability has been revealed in TeamViewer Remote Management for Windows, posing a risk of privilege escalation attacks. The CVE-2025-36537 vulnerability allows unprivileged local attackers to delete any files with SYSTEM-level authority, putting organizations using TeamViewer’s Remote Management at significant risk. Vulnerability Overview: The vulnerability, assigned a CVSS …
Read More »
Unidentified hackers are targeting exposed Microsoft Exchange servers to inject harmful code into login pages and steal credentials. Positive Technologies published an analysis last week revealing two types of JavaScript keylogger code on the Outlook login page. Those that save collected data to a local file accessible over the internet …
Read More »
A hacking group reportedly linked to Russian government has been discovered using a new phishing method that bypasses two-factor authentication by taking advantage of Google’s “app-specific password” feature. Google’s Threat Intelligence Group reported that from April to early June, an operation pretended to be US State Department officials in emails, …
Read More »
Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC) software, indicating a potential test for a larger operation. This report details SuperCard, a malicious version of NFCGate, made for sharing NFC data between two nearby devices. Cybercriminals have exploited …
Read More »
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal information, social security numbers, and other sensitive data. The publicly exposed database was not password-protected or encrypted. It contained 170,360 records with a total size of 116.24GB. The dataset features …
Read More »
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel’s IKE affecting UDP port 500. The attack centers around CVE-2023-28771, a high-severity remote code execution vulnerability (CVSS 9.8) affecting Zyxel Internet Key Exchange (IKE) packet decoders over UDP port 500. Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On …
Read More »
WestJet, Canada’s second-largest airline, is looking into a cyberattack that has affected some internal systems during its response to the breach. “WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users,” reads a security advisory on WestJet’s site. “We …
Read More »
Resecurity found 7.4 million records of Paraguayan citizens’ personal information leaked on the dark web today. Last week, cybercriminals attempted to sell this data for $7.4 million, or $1 per citizen. A ransomware group is extorting the country, marking a major cybersecurity event, with a deadline set for Friday, June …
Read More »
InfoSecBulletin Cybersecurity for mankind