Latest news as of 7/12/2025, 8:58:47 AM
Bleeping Computer
Law enforcement agencies from 15 countries have taken 27 DDoS-for-hire services offline, also known as "booters" or "stressers," arrested three administrators, and identified 300 customers of the platforms. [...]
Bleeping Computer
The Romanian National Cybersecurity Directorate (DNSC) says the Lynx ransomware gang breached Electrica Group, one of the largest electricity suppliers in the country. [...]
Dark Reading
High-profile security incidents provide examples of how common vulnerabilities can be exploited. If you pay attention, you can learn from others' mistakes.
The Hacker News
A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. "To exploit this technique, a user must be convinced to run a program that uses UI Automation," Akamai security researcher Tomer Peled said in a report shared with The Hacker News. "
Dark Reading
Hackers are constantly evolving, and so too should our security protocols.
Bleeping Computer
US doughnut chain Krispy Kreme suffered a cyberattack in November that impacted portions of its business operations, including placing online orders. [...]
The Hacker News
Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. "Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an interactive shell
The Hacker News
Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account. "The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the
Dark Reading
As part of the commitment to CISA's Secure by Design pledge, Snowflake will begin blocking sign-ins using single-factor authentication next year.
Dark Reading
FCC Chairwoman Jessica Rosenworcel proposed "urgent action" to safeguard the nation's communications systems from real and present cybersecurity threats.