GitHub Launches $1.25M Security Fund to Bolster Open Source Projects
GitHub introduces a $1.25 million fund to support 125 open-source projects with $10,000 grants and comprehensive security training. The initiative addresses critical gaps in open-source security funding, backed by major tech companies like Microsoft and American Express.
MITRE's 2024 Top 25 Software Vulnerabilities: Out-of-Bounds Write Tops Critical Security Threats
MITRE Corporation unveils its 2024 ranking of the most dangerous software weaknesses, with out-of-bounds write claiming the top spot followed by cross-site scripting and improper input validation. The annual list serves as a crucial guide for organizations to prioritize cybersecurity efforts and strengthen their software development practices.
Scattered Spider Cybercrime Gang Members Face Federal Charges in $11M Hacking Scheme
Five individuals linked to the notorious Scattered Spider cybercrime group have been charged with orchestrating sophisticated phishing campaigns targeting major companies. The group allegedly stole $11 million and sensitive data through SMS-based attacks, with connections to high-profile breaches including last year's MGM Casino ransomware incident.
Spotify Platform Exploited to Spread Pirated Software and Game Cheats
Cybersecurity researchers reveal malicious actors are using Spotify playlists and podcasts to distribute links to unauthorized downloads and harmful software. The exploitation of the popular streaming platform allows bad actors to bypass security measures while potentially exposing millions of users to malware and scams.
Ghost Tap: The Invisible Threat Draining Bank Accounts Through Contactless Payments
A new hacking technique called Ghost Tap allows cybercriminals to steal funds through contactless payments by exploiting NFCGate technology, enabling fraudulent purchases without physical access to cards. The attack combines banking malware and coordinated mules to relay tap-to-pay data globally within seconds.
Privacy Concerns Mount as Modern Cars Become Rolling Data Centers
Today's connected vehicles have transformed into sophisticated data collection machines, tracking everything from location to entertainment preferences. Privacy experts warn about the extensive personal information being gathered and shared by car manufacturers, calling for stronger regulations and transparency.
Major Data Breach Hits Banking Software Giant Finastra
Global fintech leader Finastra confirms unauthorized access to its file transfer system, with hackers claiming theft of 400GB of sensitive data. The London-based company, serving 45 of the world's top 50 banks, has launched an investigation while maintaining operational continuity.
Russian Ransomware Kingpin Behind $16M Phobos Operation Faces US Charges
A Russian national has been extradited from South Korea to face charges for operating the Phobos ransomware enterprise that targeted over 1,000 organizations globally. The operation, which employed a ransomware-as-a-service model, extorted more than $16 million through cryptocurrency payments.
Hackers Target Jupyter Servers to Create Illegal Sports Streaming Network
Cybersecurity researchers discovered attackers exploiting unsecured Jupyter data science servers to illegally stream sports content from legitimate broadcasters. The scheme involves compromising servers to capture and redistribute live sports broadcasts through unauthorized streaming platforms.