The attack employs an innovative technique that exploits Stripe’s deprecated API to verify card details before exfiltration – ensuring only valid payment information is harvested while maintaining a seamless customer experience that evades detection.

Devil-Traff is a platform offering bulk SMS services designed for high-volume messaging. Its features—such as sender ID customization, API integration, and support for “black content”—make it an ideal resource for cybercriminals.

The vulnerability impacts all hardware and firmware revisions of DSR-150 and DSR-150N, and also DSR-250 and DSR-250N. These VPN routers, popular in home office and small business set­t­ings,?reached their end of service on May 1.

As per a recent Microsoft alert, a threat actor with malicious financial motives has been observed leveraging a new INC ransomware strain to target the health sector in the United States (US).

Canonical has released security updates for Ubuntu 16.04 ESM and Ubuntu 18.04 ESM to address multiple vulnerabilities in Git, a powerful and widely-used distributed version control system.

Miggo has uncovered a security flaw in AWS Load Balancer that could allow cybercriminals to bypass authentication and authorization services, potentially affecting over 15,000 applications.

The GuidePoint Research and Intelligence Team (GRIT) discovered attacker domain names and IP addresses targeting over 130 US organizations through a campaign that begins by stealing credentials and passcodes using social engineering tactics.

The $27 million in costs included insurance recoveries, investigation and remediation costs, customer notifications, legal fees, and settlement costs for a class-action lawsuit.

A recent analysis using HYAS Insight threat intelligence revealed a trend in dynamic DNS registrations originating from Turkey in 2024, with DarkComet malware representing over 50% of the malicious domains identified.

ANSSI warned about a hacking group linked to Russia's SVR targeting French diplomatic interests. The group has compromised email accounts at the French Ministry of Culture and the National Agency for Territorial Cohesion