A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections.

An ongoing distributed denial of service (DDoS) attack targets Bohemia Interactive's infrastructure, preventing players of DayZ and Arma Reforger from playing the games online.

Discovered by Check Point vulnerability researcher Haifei Li and tracked as CVE-2024-21413, the flaw is caused by improper input validation when opening emails with malicious links using vulnerable Outlook versions.

The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the available security updates as soon as possible.

The FCC has proposed a $4,492,500 fine against VoIP service provider Telnyx for allegedly allowing customers to make robocalls posing as fictitious FCC "Fraud Prevention Team," by failing to comply with Know Your Customer (KYC) rules.

The attack started with the threat actors exploiting the vulnerabilities in the SimpleHelp RMM client, tracked as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, to establish an unauthorized connection to a target endpoint.

The 22-year-old Canadian national allegedly exploited flaws in the automated smart contracts used by the KyberSwap and Indexed Finance decentralized exchange aggregators and operators of digital token liquidity pools on the Ethereum network.

Edge devices are often targeted and compromised because they don't support Endpoint Detection and Response (EDR) solutions, allowing threat actors to gain initial access to the targets' internal enterprise networks.

A 59-year-old man from Irvine, California, was sentenced to 87 months in prison for his involvement in an investor fraud ring that stole $50 million between 2012 and October 2020.

As per the findings of Fortinet's Fortiguard researchers, the attack suite is named "ELF/Sshdinjector.A!tr" and consists of a collection of malware injected into the SSH daemon to perform a broad range of actions.