Men Are Buying Hacking Tools to Use Against Their Wives and Friends

In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in doxing and sexual abuse...

This one’s for you, Mom

Welcome to this week's edition of the Threat Source newsletter. I am the product of a single parent, my mom, who along with my grandparents helped raise me into the man I am today. I cannot fathom what it took for my mom, who worked three jobs to put herself through college to be a teacher, to...

Women’s History Month: Encouraging women in cybersecurity at every career stage

Women’s History Month—and International Women’s Day on March 8, 2026—always gives me pause for reflection. It’s a moment to think about how far we’ve come and think about who we choose to uplift as we look ahead. Throughout my career, I’ve been inspired by extraordinary women leaders—trailblazers...

SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

The notorious cybercrime collective known as Scattered LAPSUS$ Hunters SLH has been observed offering financial incentives to recruit women to pull off social engineering attacks. The idea is to hire them for voice phishing campaigns targeting IT help desks, Dataminr said in a new threat brief. T...

kog-bonds-poc

KOG Bonds POC Agent Complete proof-of-concept demonstrating e...

Deepfake ‘Nudify’ Technology Is Getting Darker—and More Dangerous

Sexual deepfakes continue to get more sophisticated, capable, easy to access, and perilous for millions of women who are abused with the technology...

CVE-2025-53065

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2014-6918

Malware in sbrugna...

Kicking off Cybersecurity Awareness Month 2025: Researcher spotlights and enhanced incentives

October marks Cybersecurity Awareness Month, a time when the developer community reflect on the importance of security in the evolving digital landscape. At GitHub, we understand that protecting the global software ecosystem relies on the commitment, skill, and ingenuity of the security research...

MAL-2025-35967 Malicious code in test-mlw2-pewit-women (npm)

The package test-mlw2-pewit-women was found to contain malicious code...

Malicious code in test-mlw2-pewit-women (npm)

The package test-mlw2-pewit-women was found to contain malicious code...

Tea Dating Advice app has users’ private messages disclosed

A few days after Tea Dating Advice discovered unauthorized access to one of its systems that leaked 72,000 user images, the popular mobile app faced a second issue involving a separate database, as a researcher reported to 404Media that they were able to access private conversations. Tea Dating...

Tea App Breach: Women Only Dating Platform Leaks 72K User Images

The "Tea" app, a new and popular social platform for women, confirmed a major data breach affecting users…...

GirlsDoPorn owner faces life in jail after pleading guilty to sex trafficking

Michael James Pratt, the owner of pornographic websites GirlsDoPorn and GirlsDoToys, has pleaded guilty to sex trafficking in a US court. Pratt ran the websites, which lured and coerced young women into filming pornographic videos, from 2013 to 2019. Pratt and his accomplices lured women from...

Deepfake-posting man faces huge $450,000 fine

A man is facing a $450,000 AU fine after he published deepfake images of prominent Australian women on the now-defunct MrDeepfakes web site. That's if Australia's online safety regulator gets its way. Anthony Rotondo faces charges of posting these and other explicit deepfake images to the...

Recognizing Excellence: Rapid7’s Kelly Hiscoe and Heather DeMartini Honored as CRN’s 2025 Women of the Channel

We are thrilled to announce that two outstanding Rapid7 team members, Kelly Hiscoe and Heather DeMartini, have been recognized as CRN's 2025 Women of the Channel. This prestigious recognition honors innovative and strategic leaders that demonstrate commitment to advancing channel excellence and...

US Customs and Border Protection Quietly Revokes Protections for Pregnant Women and Infants

CBP’s acting commissioner has rescinded four Biden-era policies that aimed to protect vulnerable people in the agency’s custody, including mothers, infants, and the elderly...

Women’s History Month: Why different perspectives in cybersecurity and AI matter more than ever before

This Women’s History Month serves as a crucial moment for us to lead and continue to pave the way for a more inclusive future. I am truly honored to support my amazing women colleagues who continue to excel in their careers and am grateful to have so many allies who have extended their hands to...

Inside the Telegram Groups Doxing Women for Their Facebook Posts

A WIRED investigation goes inside the Telegram groups targeting women who joined “Are We Dating the Same Guy?” groups on Facebook with doxing, harassment, and sharing of nonconsensual intimate images...

CVE-2025-0534

A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Code/loginnew.php. The manipulation of the argument Username leads to sql injection. The attack may be...