Missing tycoon’s co-defendant fatally struck by car

The co-defendant of British tech tycoon Mike Lynch – who is currently missing in Italy – has died after being hit by a car. Stephen Chamberlain, 52, was Mr Lynch’s co-defendant in his US fraud trial in which both men Read More …

ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts

This research reviews an attack vector allowing the compromise of GitHub repositories, which not only has severe consequences in itself but could also potentially lead to high-level access to cloud environments. This is made possible through the abuse of GitHub Read More …

Cash App to award $15M to users in security breach settlement

Cash App users could get some cash sent to their bank accounts soon. In a settlement, the mobile payment service was ordered to pay out $15 million in damages. According to a class-action lawsuit obtained by USA TODAY, plaintiffs sued Read More …

Pakistan to launch home-grown messaging app amid internet disruptions

The Pakistani government is set to roll out “Beep Pakistan”, a communication application designed for federal officials and employees. Shaza Fatima Khwaja, the state minister for information technology and telecommunication, said that the application was currently undergoing trial runs within Read More …

Data breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malware

A little-known spyware maker based in Minnesota has been hacked, TechCrunch has learned, revealing thousands of devices around the world under its stealthy remote surveillance. A person with knowledge of the breach provided TechCrunch with a cache of files taken Read More …

I spy another mSpy breach: Millions more stalkerware buyers exposed

Commercial spyware maker mSpy has been breached – again – and millions of purchasers can be identified from the spilled records.… mSpy showed up on Have I Been Pwned on July 11, with the site revealing hacktivists were responsible for Read More …

Millions of iOS apps could have been hit by cyberattack due to a worrying flaw

A key tool used primarily in iOS and macOS app development was vulnerable in a way that opened up millions of Mac apps to supply chain attacks, experts have warned. Cybersecurity researchers EVA Information Security claim a dependency manager for Read More …

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Their investigation identified that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes Read More …

ExCobalt: GoRed, the hidden-tunnel technique

While responding to an incident at one of their clients, the PT ESC CSIRT team discovered a previously unknown backdoor written in Go, which they attributed to a cybercrime gang dubbed ExCobalt. ExCobalt focuses on cyberespionage and includes several members Read More …

Russia slaps sanctions on UK IT sector

Moscow has blacklisted 22 British government officials, members of the IT sector and legal service market as a measure of retaliation, the Russian Foreign Ministry said in a statement. Those blacklisted particularly include employees of British companies, namely Micro Focus, Read More …