Archives: News
News articles and updates
Canadian Utility Discloses Data Breach, But Key Details Remain Unclear
A Canadian utility company has acknowledged a data breach, but has not provided specifics on the nature or extent of the incident, leaving customers and the public with unanswered questions.
Squid Proxy Flaw ‘Squidbleed’ Exposes User Data, Researchers Warn
Cybersecurity researchers have uncovered a decades-old vulnerability in the Squid proxy server that could potentially expose user data. The flaw, dubbed 'Squidbleed,' has existed in the popular open-source software for years.
Researchers Uncover Severe Security Flaws in Dify’s Enterprise AI Chatbot Platform
Cybersecurity experts have discovered critical vulnerabilities in the Dify platform that could expose sensitive AI-powered conversations across different tenants, raising concerns about enterprise data security.
DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor Traffic
Cybersecurity researchers have uncovered a new tactic used by the DragonForce hacking group to conceal their malicious backdoor traffic by abusing Microsoft Teams' built-in relay functionality.
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
Security researchers have successfully disrupted the SocGholish malware network, cleaning up over 14,971 infected WordPress sites in a coordinated global effort.
E-Commerce Checkout Pages Now a PCI DSS Compliance Concern
Cybersecurity experts warn that the scripts running on e-commerce checkout pages pose a serious threat to customer payment data, requiring businesses to strengthen security measures to maintain PCI DSS compliance.
INC Ransomware Emerges as Major Threat, Impacting Over 830 Victims Since 2023
A dangerous new ransomware strain known as INC has rapidly expanded, impacting over 830 victims across diverse sectors since 2023, cybersecurity experts warn.
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data
Salesforce has disabled the integration of the Klue app after discovering unauthorized access to customer data through the misuse of OAuth tokens.
Microsoft Discloses Windows Clipper Malware Using USB LNK Worm and Tor C2
Microsoft has revealed details about a new malware campaign targeting Windows users, dubbed 'Windows Clipper,' which leverages a USB LNK worm and a Tor-based command-and-control infrastructure.
Shadow AI’s Real Threat: Unauthorized Access Control, Not Data Leakage
Cybersecurity experts warn that the real danger of Shadow AI lies in its ability to gain control over critical systems and infrastructure, not just data leakage.