Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser. The CVE-2023-5217 is a high-severity integer overflow in Skia. Skia is

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. In October, the Cloud identity and access management solutions provider said that threat actor

Thousands of secrets have been left exposed on Docker Hub, a platform where web developers collaborate on their code for web applications. While some are harmless API keys, others could lead to unauthorized access, data breaches, or identity theft, the latest Cybernews research reveals. The Docker Hub store has at least 5,493 container images that contain

Threat actors started exploiting a critical ownCloud vulnerability (CVE-2023-49103) that can lead to sensitive information disclosure. ownCloud is an open-source software platform designed for file synchronization and sharing. It allows individuals and organizations to create their own private cloud storage services, giving them control over their data wh

An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the police from seven nations, has arrested in Ukraine the core members of a ransomware group. Today EUROPOL in conjunction with the Ukraine National Police arre

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The North Texas Municipal Water District (NTMWD) is a regional water district that provides wholesale water, wastewater treatment, and solid waste services to a group of member cities and customers in North Texas, United State

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. It is a for-profit health system with a focus on acquiring, managing, and improving hospitals. Ardent Health Services

Ukraine’s intelligence service announced the hack of the Russian Federal Air Transport Agency, ‘Rosaviatsia.’ Ukraine’s intelligence service announced they have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ The attack is the result of a complex special cyber operation. “The Defence Intellig

Threat actors breached the Municipal Water Authority of Aliquippa in Pennsylvania and took control of a booster station. During the weekend, Iranian threat actors hacked the Municipal Water Authority of Aliquippa (MWAA) and took control of one of their booster stations. The Authority pointed out that the attack did not impact the operations at the faci

The cyber attack that hit the managed service provider (MSP) CTS potentially impacted hundreds in the United Kingdom. CTS is a trusted provider of IT services to the legal sector in the UK. The company announced that it is investigating a cyber attack that caused a service outage. The incident impacted a portion of the services. The security incident p

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site.

UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply-chain attack The National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) released a joint warning that the North Korea-linked Lazarus hacking group is exploiting a zero-day vulnerability in the MagicLine4

Researchers reported that a Hamas-linked APT group is using a Rust-based SysJoker backdoor against Israeli entities. Check Point researchers observed a Hamas-linked APT group is using the SysJoker backdoor against Israeli entities. In December 2021, security experts from Intezer first discovered the SysJoker backdoor, which is able to infect Windows, m

Almost a million files with minors’ data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. During a recent investigation, the Cybernews research team discovered that IT company Appscook – which develops applications used by more than 600 schools in India and Sri Lanka for education management

Microsoft announced this week it will pay up to $20,000 for security vulnerabilities in its Defender products. Microsoft launched its new Microsoft Defender Bounty Program with a focus on Defender products and services. The company will pay up to $20,000 for the vulnerabilities in its Defender products. The bug bounty program starts with Defender for E