FanDuel Sportsbook Bettors Exposed in Mailchimp Breach
The FanDuel online sportsbook has told its users to be on the lookout for phishing cyberattacks in the wake of a breach of its email marketing contractor, Mailchimp. Mailchimp...
7 DeFi protocol hacks in Feb see $21 million in funds stolen: DefiLlama
Reentrancy, price oracle attacks and exploits across seven protocols caused the decentralized finance (DeFi) space to bleed at least $21 million in crypto in February. According to DeFi data analytics platform...
Elden Ring maker Bandai Namco hit by ransomware and data leaks
We take a look at a major ransomware attack impacting video game giant Bandai Namco, laced with the potential threat of data leakage.
It’s not been a great couple...
Technical Advisory – OpenJDK – Weak Parsing Logic in java.net.InetAddress and Related Classes
Vendor: OpenJDK Project
Vendor URL: https://openjdk.java.net
Versions affected: 8-17+ (and likely earlier versions)
Systems Affected: All supported systems
Author: Jeff Dileo
Advisory URL / CVE Identifier: TBD
Risk: Low (implicit data validation bypass)
The private...
Xiaomi Phone Bug Allowed Payment Forgery
Mobile transactions could’ve been disabled, created and signed by attackers.
Smartphone maker Xiaomi, the world’s number three phone maker behind Apple and Samsung, reported it has patched a high-severity flaw...
Ransomware Profits Decline as Victims Dig In, Refuse to Pay
In another sign that the tide may be finally turning against ransomware actors, ransom payments declined substantially in 2022 as more victims refused to pay their attackers — for...
DeFi lender Tender.fi suffers exploit, white hat hacker suspected
An alleged ethical hacker has drained $1.59 million from the decentralized finance (DeFi) lending platform Tender.fi, leading the service to halt borrowing while it attempts to recoup its assets.Web3-focused...
Zero-Day Exploits in SonicWall Email Security Lead to Enterprise Compromise
In March 2021, Mandiant Managed Defense identified three zero-day vulnerabilities in SonicWall’s Email Security (ES) product that were being exploited in the wild. These vulnerabilities were executed in conjunction...
Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics
The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.
Zeppelin ransomware is back and employing new...
Novel Malware Hijacks Facebook Business Accounts
Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.
A new malware is hijacking high-profile...
