Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. “Credential stuffing is a type of attack in which hackers use automation and lists of compromised usernames and passwords to defeat authentication and authorization mechanisms, with the end goal of account takeover (ATO) and/or data…

Russian nation-state hackers have exploited a recent Microsoft email compromise to steal the emails of government agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) has reiterated in a new alert. The warning ordered agencies to urgently check their email systems for signs of compromise and report back by April 30 if they believe specific…

Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets. The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet…

“Software supply chain attacks are at the top of all CISOs’ minds,” says ReliaQuest CISO Jeff Music. Music attributes the popularity of software supply chain attacks to the fact that these attacks are relatively easy to conduct and have a significant payoff for the attacker. “This is especially the case if the vulnerable hardware or…

The company disclosed the incident in a regulatory filing on March 10, when it admitted that the attack caused some disruption and involved unauthorized access to some of its IT systems. However, MarineMax said at the time that the breached environment did not store any sensitive data. Roughly 10 days later, the Rhysida ransomware group…

The holy month of Ramadan is a period where Middle East-based companies step up cybersecurity with extra vigilance and outsourced support amid shortened working hours and increased e-commerce activity. The ninth month of the Muslim calendar is observed around the world as followers take the time to reflect and practice fasting, and cybersecurity teams often…

The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican…

The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. It said “new project creation and new user registration” was temporarily halted to mitigate what it said was a “malware upload campaign.” The incident was resolved 10 hours…