A critical breach of the TeleMessage Signal clone (TM SGNL) exposed sensitive data due to severe misconfigurations. Exploited in under 20 minutes, the breach compromised credentials, unencrypted chat logs, and encryption keys of users.

In a major disruption to global cybercrime infrastructure, the notorious Haowang Guarantee (formerly Huione Guarantee) black market has been shut down following Telegram’s enforcement action.

Newly discovered vulnerabilities in Apple’s AirPlay protocol could allow attackers to move laterally across networks via Wi-Fi, spreading malware between devices. These pose a risk by enabling attackers to exploit wireless connections.

The exposure included more than a million lines of log streams containing chat history, secret keys, backend details, and other highly sensitive information, such as API Secrets and operational metadata.

Google is making passkeys the default login setting for users, aiming to replace passwords and enhance security. Passkeys reduce the risk of phishing attacks and offer a more secure alternative to traditional passwords.

Maksim Sergeevich Galochkin, a member of the Russian cybercrime syndicate Trickbot, has been identified by cybercrime researchers. The identification of Galochkin comes after a comprehensive investigation into leaked data from the Trickbot group.

The HHS' Advanced Research Projects Agency for Health (Arpa-H) launched an initiative to find and help fund the development of cybersecurity technologies that can specifically improve defenses for digital infrastructure in US health care.

The Orion software suite had about 33,000 customers, some of whom had started receiving the hacked software update in March. That meant some customers might have been compromised for eight months already.

Almost a year after the crisis began, a senior White House official told reporters today that the United States plans to provide $25 million in cybersecurity assistance to help Costa Rica strengthen its digital infrastructure.

IC3 reported that BEC—in which attackers trick businesses into making bogus payments or intercept legitimate payments—resulted in nearly $2.4 billion worth of losses in 2021 and $2.7 billion in 2022.