Latest news as of 7/14/2025, 3:10:03 AM
The Register
Employers remain blissfully unaware/wilfully ignorant of the impact of surveillance on staff More than three-quarters of UK employers admit to using some form of surveillance tech to spy on their remote workers' productivity.…
Have I Been Pwned
In December 2024, . The data was allegedly obtained from an unsecured Elasticsearch instance and contained over 62M records of largely public business information including company names, phone numbers and physical addresses, along with 27M unique email addresses, predominantly from public services such as Gmail and Outlook. Speedio did not respond to multiple attempts to disclose the incident, and the origin of the data could not be independently verified. The data was provided to HIBP by a source who requested it be attributed to "ayame@xmpp.jp". data alleged to have been taken from the Brazilian lead generation platform Speedio was posted for sale to a popular hacking forum
The Hacker News
A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks. The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor
The Hacker News
Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances. "When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server," Sonar researcher Yaniv Nizry said in a write-up published earlier this week. The
Dark Reading
Amateurish financial scams are common across Africa, and Namibia's influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.
Dark Reading
While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.
The Register
Digital canvas slinger indicates dot-com was skimmed for over a month Graphics tablet maker Wacom has warned customers their credit card details may well have been stolen by miscreants while they were buying stuff from its website.…
Bleeping Computer
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]
The Register
Oh someone's in DeepShi... China-based AI biz DeepSeek may have developed competitive, cost-efficient generative models, but its cybersecurity chops are another story.…
Bleeping Computer
DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]