LATEST POST
How GhostGPT Empowers Cybercriminals with Uncensored AI
Need a well-written phishing email but your English is not up to snuff? For a mere $50.00, you can get a chatbot to write malicious code for you. Abnormal Security reports: Artificial intelligence (AI) tools have changed the way we tackle day-to-day tasks, but cybercriminals are twisting that same technology for illegal activities. In 2023, WormGPT made […]
MGM Agrees to Pay $45 Million to Settle Data-Breach Lawsuit
The Wall Street Journal reports that an end is in sight to a consolidated federal class-action lawsuit against MGM Resorts International stemming from data breaches in 2019 and 2023. A federal court has given preliminary approval to a $45 million settlement. Hackers broke into the resort operator’s systems twice, according to the suit filed in the […]
The U.S. is trying to unravel a hacking plot that targeted climate activists
NPR reports that a U.S. Justice Department investigation of a global hacking campaign that targeted prominent American climate activists took a turn in court this week due to an allegation that the hacking was ordered by a lobbying firm working for ExxonMobil. The hacking was allegedly commissioned by a Washington, D.C., lobbying firm, according to a lawyer representing […]
SonicWall warns hackers targeting critical vulnerability in SMA 1000 series appliances
Researchers from Microsoft Threat Intelligence alerted the company to suspected threat activity. Cybersecurity Dive reports: SonicWall issued an alert Friday that a critical remote code execution vulnerability in its SMA appliances is under active exploitation by malicious hackers and urged customers to immediately update any vulnerable firmware. Researchers from Microsoft Threat Intelligence had warned SonicWall about the […]
TalkTalk investigates breach after data for sale on hacking forum
Bleeping Computer reports: UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. “As part of our regular security monitoring, given our ongoing focus on protecting customers’ personal data, we were made aware of unexpected access to, and misuse of, one […]
ChatGPT API flaw could allow DDoS, prompt injection attacks
Another day, another vulnerability. CSO Online reports that a researcher discovered an OpenAI development oversight that could allow attackers to launch DDoS attacks on unsuspecting victims: OpenAI-owned ChatGPT might have a vulnerability that could allow threat actors to launch distributed denial of service (DDoS) attacks on unsuspecting targets. According to a discovery made by German security researcher […]
WORST Healthcare Breach Ever: 1 in 2 Americans affected by UnitedHealth ransomware attack, new disclosure shows
The Minnesota Star Tribune reports: UnitedHealth Group says the impact from the cyberattack last year at its Change Healthcare subsidiary is much wider than previously understood, affecting roughly 190 million patients — up from previous estimates of about 100 million people. The updated tally extends the scope beyond what was previously described by company Chief Executive Andrew […]
Simple STARLINK Bug Let Hackers Control Every Connected Subaru
Security researchers gained complete control of Subaru vehicles worldwide using only basic customer information like license plates or ZIP codes Motor Illustrated reports: Security researchers discovered a critical vulnerability in Subaru‘s STARLINK connected vehicle service that allowed unauthorized access to vehicles and customer data across the United States, Canada, and Japan, according to a blog post published by […]