Lucene search
+L

124 matches found

The Hacker News
The Hacker News
added 2025/04/23 1:8 p.m.49 views

Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign

The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber...

7.2AI score
Exploits0
HackRead
HackRead
added 2024/11/26 1:3 p.m.16 views

Starbucks Shifts to Manual Processes After Contractor Ransomware Attack

Ransomware attack cripples Starbucks operations, forcing the coffee giant to rely on manual processes for employee scheduling and…...

7.3AI score
Exploits0
HackRead
HackRead
added 2024/11/04 7:17 p.m.13 views

Hackers Leak 300,000 MIT Technology Review Magazine User Records

Hackers claim to have breached MIT Technology Review Magazine via a third-party contractor, leaking nearly 300,000 user records…...

7.2AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2024/08/02 4:34 p.m.10 views

Sensitive Illinois Voter Data Exposed by Contractor’s Unsecured Databases

Social Security numbers, death certificates, voter applications, and other personal data were accessible on the open internet, highlighting the ongoing challenges in election security...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/22 11:28 a.m.72 views

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor

Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang,"...

7.8CVSS9.1AI score0.99295EPSS
Exploits259
HackRead
HackRead
added 2024/05/30 6:39 p.m.12 views

ShinyHunters Claims Santander Bank Breach: 30M Customers’ Data for Sale

ShinyHunters claims surfaced two weeks after Santander Bank acknowledged a data breach linked to a third-party contractor involving…...

7.2AI score
Exploits0
HackRead
HackRead
added 2024/05/09 11:44 a.m.31 views

IntelBroker Hacker Leaks Alleged HSBC & Barclays Bank Data

By Waqas Hackers claim to have breached a third-party contractor of HSBC and Barclays, stealing sensitive data including database files, source code, and more. This is a post from HackRead.com Read the original post: IntelBroker Hacker Leaks Alleged HSBC & Barclays Bank Data...

7.2AI score
Exploits0
HackRead
HackRead
added 2024/04/03 1:46 p.m.21 views

IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.

By Waqas The leaked data was previously being sold by the IntelBroker hacker for just $3,000 in Monero XMR cryptocurrency. This is a post from HackRead.com Read the original post: IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc...

7.2AI score
Exploits0
HackRead
HackRead
added 2024/03/09 7:34 p.m.16 views

Hacker Claims Breaching US Federal Contractor Acuity, Selling ICE, USCIS Data

By Waqas The teasure trove of highly sentisive data is being sold for just $3,000 in Monero XMR cryptocurrency on Breach Forums. This is a post from HackRead.com Read the original post: Hacker Claims Breaching US Federal Contractor Acuity, Selling ICE, USCIS Data...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/02/22 1:27 p.m.23 views

New Leak Shows Business Side of China’s APT Menace

A new data leak that appears to have come from one of Chinas top private cybersecurity firms provides a rare glimpse into the commercial side of Chinas many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/21 11:21 a.m.58 views

A first analysis of the i-Soon data leak

Data from a Chinese cybersecurity vendor that works for the Chinese government has exposed a range of hacking tools and services. Although the source is not entirely clear, it seems that a disgruntled staff member of the group leaked the information on purpose. The vendor, i-Soon aka Anxun is...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/12 12:0 a.m.6 views

CVE-2023-40362

An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known...

4.6AI score0.00667EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.4 views

CentralSquare Security Breach

CentralSquare is an application from CentralSquare, Inc. CentralSquare suffers from a security vulnerability that stems from the web application's inability to validate a user's right to remove a contractor from an account with a specified user ID, which can be exploited by an attacker to remove ...

4.3CVSS6.8AI score0.00667EPSS
Exploits1References3
Wired Threat Level
Wired Threat Level
added 2024/01/06 2:0 p.m.17 views

23andMe Blames Users for Recent Data Breach as It's Hit With Dozens of Lawsuits

Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/12/24 12:0 a.m.9 views

PT-2023-27412 · Centralsquare · Centralsquare Click2Gov Building Permit

Name of the Vulnerable Software and Affected Versions: CentralSquare Click2Gov Building Permit versions prior to October 2023 Description: An issue was discovered in CentralSquare Click2Gov Building Permit, where lack of access control protections allows remote attackers to arbitrarily delete...

4.3CVSS4.4AI score0.00667EPSS
Exploits1References8
HackRead
HackRead
added 2023/10/23 1:28 p.m.10 views

Contractor Database Leak Exposes 500K Irish Police Vehicle Seizure Records

By Waqas This marks the fourth data security incident to affect a UK police department in 2023. This is a post from HackRead.com Read the original post: Contractor Database Leak Exposes 500K Irish Police Vehicle Seizure Records...

6.9AI score
Exploits0
OSV
OSV
added 2023/10/02 10:15 a.m.4 views

CVE-2023-44245

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin = 4.0.0 versions...

6.1CVSS7.3AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2023/10/02 10:15 a.m.27 views

CVE-2023-44245

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin = 4.0.0 versions...

7.1CVSS6.2AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/02 9:58 a.m.28 views

CVE-2023-44245 WordPress Contractor Contact Form Website to Workflow Tool Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin = 4.0.0 versions...

7.1CVSS6.3AI score0.00351EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/02 9:58 a.m.10 views

CVE-2023-44245 WordPress Contractor Contact Form Website to Workflow Tool Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin = 4.0.0 versions...

7.1CVSS5.8AI score0.00351EPSS
Exploits0References1
Rows per page
Query Builder