In a stunning revelation, Michigan-based breakfast cereal company WK Kellogg Co. suffered a significant data breach tied to vulnerabilities in Cleo file-transfer software. The breach occurred on December 7, 2024, compromising at least one employee’s sensitive information, including their name and Social Security number. WK Kellogg Co. discovered the hack on February 27, 2025, and later confirmed that Cleo was
In an alarming development, a sophisticated phishing scam targeting hotel staff has surfaced, employing emails that appear to originate from the trusted online travel agency Booking.com. Cybersecurity firm Malwarebytes recently identified this nefarious attack, which aims to breach hotel networks by deceiving employees into executing malicious commands. These fraudulent emails prompt staff to confirm reservations by clicking on a link,
Artificial Intelligence (AI) has revolutionized various industries, providing unprecedented advancements in numerous fields. However, this technology has also introduced new challenges, particularly in cybersecurity. The rise of AI-crafted email attacks marks a significant milestone, as these malicious efforts have now surpassed the capabilities of human-generated phishing attempts. This shift signifies the dawn of a more dangerous era for cybersecurity, rendering
The rise in smishing (SMS phishing) scams targeting toll service users has become a pressing concern in the US and UK, propelled by a China-based cybercriminal group known as the Smishing Triad. These scams involve sending fraudulent SMS and iMessage texts that mimic trusted toll agencies such as FasTrak, E-ZPass, and I-Pass. The messages claim recipients owe unpaid toll bills
The US National Institute of Standards and Technology (NIST) recently made a significant decision affecting the cybersecurity landscape by marking all Common Vulnerabilities and Exposures (CVEs) published before January 1, 2018, as “Deferred” in the National Vulnerability Database (NVD). This move impacts over 20,000 entries and potentially up to 100,000, signaling that these CVEs will no longer be prioritized for
Malicious actors have taken advantage of SourceForge, a reputable software hosting platform, to propagate cryptocurrency miner and clipper malware, masquerading as cracked versions of popular applications. This deceptive tactic lures users into downloading harmful software under the guise of legitimate programs such as Microsoft Office, exposing them to significant cybersecurity threats. Malicious Projects Masquerading as Legitimate Software Kaspersky, a well-regarded
The Trump administration’s proposed cuts to the Cybersecurity and Infrastructure Security Agency (CISA) have ignited significant criticism and debate over potential impacts on national security. Reports indicate that up to 1,300 jobs could be eliminated through terminations and buyouts, raising serious concerns among Congressional members and cybersecurity experts. The timing of these cuts is particularly alarming given the increasing cyber
In the realm of cybersecurity, the challenge of managing numerous vulnerabilities is ever-present.In a decisive move aimed at improving efficiency, the National Institute of Standards and Technology (NIST) recently introduced a new protocol. This protocol marks all Common Vulnerabilities and Exposures (CVEs) registered before January 1, 2018, as “deferred” within the National Vulnerability Database (NVD). The NVD is an essential
IBM has recently introduced the z17 mainframe, a cutting-edge system meticulously designed for AI computing, reflecting a significant advancement within its Z Systems product line.Scheduled for general availability on June 18, the z17 is poised to revolutionize the execution of generative and predictive AI workloads and bolster multi-model applications. Featuring high-capacity Telum II processors, the units are prepared for IBM’s
Amazon is set to launch a significant batch of satellites for its Project Kuiper on April 9th. The “KA-01” mission, utilizing a United Launch Alliance (ULA) Atlas V rocket, will deploy 27 satellites at an altitude of 280 miles. This launch, occurring at Cape Canaveral, Florida, marks Amazon’s strategic foray into providing global low-latency satellite broadband. Enhancing Global Connectivity Project
EncryptHub, a cybercriminal with a decade-long presence in the digital underworld, has recently drawn attention for an unexpected divergence from his usual illicit activities.Microsoft praised EncryptHub for disclosing critical security flaws in Windows, specifically CVE-2025-24061 and CVE-2025-24071. These flaws, if exploited, could have had severe implications for global cybersecurity. This intriguing blend of cybercriminal pursuits and legitimate contributions to cybersecurity
A sophisticated supply chain attack on GitHub repositories has brought to light critical vulnerabilities within the software development ecosystem, particularly within CI/CD frameworks.This incident, ignited by a single stolen token, significantly impacted over 200 repositories, spotlighting the potential for even limited breaches to ripple through an interconnected network. The attackers demonstrated a high level of technical expertise and strategic planning,
