Welcome to our blog!

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the...

Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. [...] from...

​The New York Blood Center (NYBC), one of the world's largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments. [...] from...

DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information. [...] from...

Remote work is now an essential part of many businesses, requiring organizations to rethink how they provide secure and efficient access to corporate resources. Learn from TruGrid about the advantages of cloud-based RDP versus RDP over VPN, especially in the context...

​GitHub is mitigating an ongoing incident causing problems with multiple services, including performing pull requests, creating or viewing issues, and even viewing repositories and commits. [...] from...

A new attack called 'Browser Syncjacking' demonstrates the possibility of using a seemingly benign Chrome extension to take over a victim's device through the browser. [...] from...

Microsoft has removed a safeguard hold that prevented devices with Auto HDR enabled from installing the Windows 11 2024 Update due to gaming issues. [...] from...

Europol and German law enforcement confirmed the arrest of two suspects and the seizure of 17 servers in Operation Talent, which took down Cracked and Nulled, two of the largest hacking forums with over 10 million users. [...] from...

A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI's safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...] from...

A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...] from...

DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...] from...

Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for remote code execution attacks. [...] from...

The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...] from...

Microsoft is investigating an ongoing outage preventing users and admins from accessing some Microsoft 365 services and the admin center. [...] from https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-microsoft-365-outage-affecting-users-admins/

The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...] from...

Windows 11's Start menu is getting a big update with full-fledged Android and iPhone integration. [...] from https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/

As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Learn how a complimentary LayerX risk assessment can help...