ServiceNow Flaw Let Remote Attackers Execute Arbitrary Code
ServiceNow recently disclosed three critical vulnerabilities (CVE-2024-4879, CVE-2024-5217, and CVE-2024-5178) affecting multiple Now Platform versions, allowing unauthenticated remote code execution and unauthorized file access.
The vulnerabilities, with CVSS scores ranging from 6.9 to 9.3, pose...
ERP Provider Exposes 769 Million Records, Including API Keys And Email Addresses
A massive data breach involving ClickBalance, one of Mexico's largest Enterprise Resource Planning (ERP) technology providers, has been uncovered by cybersecurity researcher Jeremiah Fowler.
The breach exposed a staggering 769,333,246 records, totaling 395 GB...
Tools Used By NullBulge Actor, Who Released Disney’s Internal Slack Communications
Hackers often target internal communications tools to obtain confidential information like employee records, business plans, and proprietary technologies.
With these characteristics of trust and openness, internal communications provide valuable but less secure means for cyber-attacks...
BMW Hong Kong Faces Major Data Breach: 14,000 Customer Records Exposed
BMW Hong Kong has reportedly suffered a data breach affecting approximately 14,000 customers. The leak, which came to light on July 16, 2024, has exposed sensitive personal information, raising concerns about customer privacy and...
4000+ Domains Used By FIN7 Actors Mimic Popular Brands
Russian-linked FIN7 (aka Sangria Tempest, ATK32, Carbon Spider, Coreid, ELBRUS, G0008, G0046, and GOLD NIAGARA) is a financial cybercrime group that has been around since 2013 and it specifically targets the US industries.
To achieve...
Evolve Bank Data Breach: 7.6 Million Individuals’ Data Exposed
Evolve Bank & Trust, a prominent financial services institution, has confirmed a data breach that has compromised the personal information of over 7.6 million individuals.
The breach, which occurred on February 9, 2024, was...
Researchers Decrypted DoNex Ransomware And It’s Rebranded Versions
Researchers discovered a flaw in the DoNex ransomware's encryption scheme, allowing them to create a decryptor for DoNex and its predecessors (Muse, fake LockBit 3.0, DarkRace).
The decryptor has been secretly provided to victims since...
STORMOUS Ransomware Group Claiming Breach of HITC Telecom
The notorious STORMOUS ransomware group has publicly claimed responsibility for a breach of HITC Telecom, a major player in the telecommunications industry.
The announcement was made via a post on the social media platform...
Team ARXU Hackers Aggressively Attacking Schools And Bank Servers
Hackers frequently target schools and bank servers to obtain important personal information, including financial data, that can be used for identity theft and financial fraud. These data are also being sold on the dark...
Zadig & Voltaire Breach: 587K Unique Email Address Exposed
The renowned French fashion brand Zadig & Voltaire has suffered a data breach, exposing 587,000 unique email addresses.
The popular data breach notification service Have I Been Pwned confirmed the breach via a tweet...