Latest news as of 7/12/2025, 5:24:11 AM
Dark Reading
Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability.
Have I Been Pwned
In September 2024, . Obtained the month before, the data included 237k unique email addresses alongside names, dates of birth and salted SHA-256 password hashes. The standalone store was subsequently shut down with all traffic redirected to their Amazon store. data from the online German gift store schenkYOU was put up for sale on a popular hacking forum
The Hacker News
Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0. "A relative path traversal [CWE-23] in FortiWLM may allow a remote unauthenticated attacker to read sensitive files," the
The Hacker News
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless. Users who visit the
The Hacker News
The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020. An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy statement about what it does with the data
The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications (SCuBA) secure configuration baselines. "Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls,
Have I Been Pwned
In December 2024, . Attributed to a backup taken by a previous administrator earlier in the year, the breach exposed email and IP addresses, bcrypt password hashes, usernames, bios, private messages, video comments and for some records, gender, date of birth and country of location. the video sharing Community BitView suffered a data breach that exposed 63k customer records
Dark Reading
The draft of the long-awaited update to the NCIRP outlines the efforts, mechanisms, involved parties, and decisions the US government will use in response to a large-scale cyber incident.
The Register
Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns Unknown criminals went on a phishing expedition that targeted about 20,000 users across the automotive, chemical and industrial compound manufacturing sectors in Europe, and tried to steal account credentials and then hijack the victims' Microsoft Azure cloud infrastructure.…
Dark Reading
The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target.