Undetectable cryptomining technique found lurking on Microsoft Azure Automation
Someone found a loophole in Azure that allowed them to create free money and never get busted, but instead of using it – they reported it to Microsoft and had…
North Korean hackers are targeting Apple users with new macOS malware
Cybersecurity researchers from Jamf has discovered a new macOS malware designed and distributed by the North Korean threat actor BlueNoroff. ObjCShellz looks to execute shell commands sent from the attacker’s…
This crafty malware dropper sneaks past the toughest Google Android security defenses
Hackers have found a way to bypass Android’s “Restricted Settings” and install malware on a victim’s devices. Restricted Settings is a security feature first introduced in Android 13 that prevents…
Millions of Chinese citizen IDs exposed by online store
Millions of Chinese citizens have had their sensitive data exposed online thanks to yet another unprotected database. Cybersecurity researchers from CloudDefense.ai recently reported finding a major database generated by Zhefengle,…
This new macOS malware could leave you severely short-changed
The North Korean hacking collective Lazarus Group is back at it again, targeting blockchain engineers with advanced data exfiltration and remote code execution-capable trojans. A report from researchers Elastic Security…
Even Google Calendar isn’t safe from hackers any more
Hackers have reportedly found a way to use the Google Calendar as command & control (C2) infrastructure which could create quite a few headaches in the cybersecurity community. One of…
Microsoft 365 apps have a lot of new security vulnerabilities – here’s what we know
Cybersecurity researchers from Zscaler have discovered more than a hundred vulnerabilities in Microsoft 365 that were introduced with the addition of SketchUp into the cloud productivity suite. To make matters…
Google wants to help let you know exactly how safe that Android VPN you downloaded is
The Google Play Store will now let users know if VPN services downloaded on the storefront have agreed to security audits from independent bodies. VPN apps that have been audited…
A major online torrent service has suffered a major data breach – check if you’re affected
A major private torrent community appaears to have inadvertently exposed sensitive user data to the wider internet. Research from Cybernews discovered an unprotected database using Elasticsearch belonging to French service…
This top torrent service suffered a major data breach
A French private torrent community called World in HD (WiHD) inadvertently exposed sensitive user data to the wider internet. Research from Cybernews discovered an unprotected database using Elasticsearch. The database,…