Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom Python […]
Dozens of environments and hundreds of individual user accounts have already been compromised in an ongoing campaign targeting Microsoft Azure corporate clouds. The activity is in some ways scattershot — involving data exfiltration, financial fraud, impersonation, and more, against organizations in a wide variety of geographic regions and industry verticals — but also very honed, […]
An individual employed by a Washington DC-based organization with international offices was targeted with powerful hacking software made by NSO Group, researchers have claimed, raising new concerns about the proliferation of spyware that can infect Apple devices. The alleged attack was discovered by researchers at the Citizen Lab at the Munk School at the University […]
PurFoods, an American meal delivery service which provides both to individual customers as well as working with more than 500 health plans, managed care organizations, governments and agencies to provide medically-tailored meals to those covered by Medicare and Medicaid, has recently suffered a data breach that exposed the data of more than 1.2 million customers. […]