A significant data breach has impacted Access Personal Checking Services (APCS), a major UK-based provider of criminal background checks. The breach originated from a compromise at Intradev.

Security researchers have uncovered that the Chrome extension "FreeVPN.One", previously considered trustworthy, has begun capturing and exfiltrating screenshots of users' browsing activity without consent.

On August 20, China experienced a significant and deliberate disruption of outbound internet traffic. The disruption targeted TCP port 443, effectively severing access to global HTTPS services for over an hour.

A new attack campaign is targeting Apache ActiveMQ servers by exploiting CVE-2023-46604, a critical vulnerability with a CVSS score of 9.8. Threat actors are deploying a custom Linux malware dubbed DripDropper to establish persistence.

Colt Technology Services says a "cyber incident" is to blame for its customer portal and other services being down for a number of days. The issues began on August 12 when a reported incident led to disrupted services for some customers.

Attackers continue to exploit CVE-2017-11882, a remote code execution vulnerability in Microsoft Office's Equation Editor, despite it being patched in 2017 and the component being removed in 2018.

The Pennsylvania Office of Attorney General (OAG) is experiencing a major service outage due to a suspected cyber incident. The disruption has rendered its website, email systems, and phone lines inoperable for two consecutive days.

A major security lapse in TeleMessage, a Signal clone used by U.S. government officials, has led to the exposure of 410GB of sensitive communications. Over 780 CBP officer emails were compromised.

Researchers revealed critical vulnerabilities in satellite and ground station software that could allow attackers to hijack or disable space assets. Exploitation of these bugs could allow attackers to take full control of satellite systems and more.

Google has confirmed a data breach involving one of its Salesforce instances, attributed to the threat actor group UNC6040, linked to the notorious ShinyHunters. The attackers accessed contact information and related notes of SMB customers.