Rockstar Games has suffered a data breach linked to a recent security incident at Anodot, with the ShinyHunters extortion gang now leaking the stolen data on its data leak site. […]
Stolen Rockstar Games analytics data leaked by extortion gang Read More »
Dutch fitness giant Basic-Fit announced that hackers breached its systems and gained access to information belonging to a million of its customers. […]
European Gym giant Basic-Fit data breach affects 1 million members Read More »
OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack. […]
OpenAI rotates macOS certs after Axios attack hit code-signing workflow Read More »
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware Read More »
Booking.com has confirmed via a statement to BleepingComputer that it has detected unauthorized access to its systems that has exposed sensitive reservation and user data. […]
New Booking.com data breach forces reservation PIN resets Read More »
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations. It has been described
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 Read More »
Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads Read More »
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident Read More »
Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that has been exploited in zero-day attacks since at least December. […]
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw Read More »
New “Storm” infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA. […]
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side Read More »