Deleting yourself and installing a different AV product without any warning or consent is certainly an interesting market exit. bleepingcomputer.com/news/security/…

Amazon says 175 million customers now use passkeys to log in bleepingcomputer.com/news/security/… #Security

🚨🚨WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. ZoomEye Dork👉app:"WordPress" 3 million+ results are found on zoomeye.hk. ZoomEye Link: zoomeye.hk/searchResult?q…

Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. Google state that 70% of exploited flaws disclosed in 2023 were zero-days. bleepingcomputer.com/news/security/…

Today the United States Securities and Exchange Commission charged four companies for intentionally misleading investors about the severity of the SolarWinds breach. In or around September 2019, APT29 a/k/a Cozy Bear a/k/a Turla Group compromised United States-based network

8% of DNS name servers have zone transfer enabled. Zone transfer can reveal a lot of information about your network and infrastructure, it might leak data that should be private and leave you vulnerable to DDOS amplification. reconwave.com/blog/post/alar…

More than a quarter of new code at Google is generated by AI trib.al/pHKqLh0

Re-buttonization NOW. Touchscreens are out, and tactile controls are back. spectrum.ieee.org/touchscreens

MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000 vulnerabilities disclosed between June 2023 and June 2024. bleepingcomputer.com/news/security/…

🚨 A botnet named Socks5Systemz has infected over 85,000 machines worldwide, transforming them into anonymous proxy servers marketed on PROXY[.]AM for as much as $700/month. Learn more: thehackernews.com/2024/12/socks5… #infosec #hacking #malware

Microsoft is investigating an ongoing Multi-Factor Authentication outage that is blocking customers from accessing Microsoft 365 apps. Some affected Microsoft 365 users have also reported that MFA registration and reset are not working. bleepingcomputer.com/news/microsoft…

The TikTok vacuum getting filled by an app that’s even more Chinese is unfortunately the funniest possible outcome here

Ransomware gangs pose as IT support in Microsoft Teams phishing attacks bleepingcomputer.com/news/security/… #Security

New Phishing-as-a-Service targets Microsoft 365, leveraging sophisticated evasion techniques and a Telegram-based platform to steal credentials. hackread.com/telegram-sneak…

DeepSeek halts new signups amid "large-scale" cyberattack - Lawrence Abrams bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. bleepingcomputer.com/news/security/…

A reminder to those reading this that we're developers. We do the 'MVP as a service' thing, too. Pretty good at it (humble brag) Got an idea? Got funding? Be pretty dumb/uncool of you not to check us out, really. More info👇 datamango.io/rapid-startup-…

Hi, We've archived the MITRE CVE database. The CVE DB is free and open source on GitHub. However, we're providing a backup location for the data. We doubt it'll magically disintegrate in ash, but if it does we have a copy. vx-underground.org/Archive/CVE

MITRE warns that funding for critical CVE program expires today. Anyone have this on their bingo card? forbes.com/sites/tonybrad…