-
Pall Mall Process to tackle commercial hacking proliferation raises more concerns than solutions
An initiative spearheaded by France and the U.K. last year to tackle commercial spyware has experienced setbacks and significant gaps, according to participants. Go to Source
-
Ivanti warns hackers are exploiting new vulnerability
The company released an advisory and a corresponding blog about two bugs — CVE-2025-0282 and CVE-2025-0283 — and warned that some customers have already seen CVE-2025-0282 exploited in their environments. Go to Source
-
Data of more than 8,500 customers breached on Green Bay Packers shopping website
The Green Bay Packers Pro Shop website was exposed to malicious code that stole data about more than 8,500 shoppers, the NFL team says. Go to Source
-
Education software firm’s hack exposes personal data for students, teachers nationwide
An education software company which stores data belonging to more than 60 million K-12 students and teachers on Tuesday said it had been hacked. Go to Source
-
Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers
In a statement on the Russian social media platform VKontakte, the St. Petersburg-based company said the “planned” attack “destroyed” its infrastructure overnight. Nodex added that it was working to restore systems from backups but could not provide a timeline for when operations would fully resume. Go to Source
-
Bug in macOS, Gatekeeper’s security can be bypassed by malware.
The macOS operating system was recently patched for a security vulnerability that could be exploited by a threat actor to bypass “myriad foundational macOS security mechanisms” and run arbitrary code. Patrick Wardle described the discovery in a series of tweets on Thursday. According to CVE-2021-30853 (CVSS 5.5), the issue involves a scenario where a rogue…
-
Azure App Service Exposed Hundreds of Source Code Repositories after four years.
A security flaw has been discovered in Microsoft’s Azure App Service that exposed source code for customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. According to Wiz researchers, the vulnerability, codenamed “Not Legit,” was first reported to the tech giant on October 7, 2021, and…