Okta warns of "unprecedented" credential stuffing attacks on customers (www.bleepingcomputer.com)
Fake job interviews target developers with new Python backdoor (www.bleepingcomputer.com)
London Drugs pharmacy chain closes stores after cyberattack (www.bleepingcomputer.com)
Canadian pharmacy chain London Drugs has closed all its retail stores to contain what it described as a “cybersecurity incident.”
Collection agency FBCS warns data breach impacts 1.9 million people (www.bleepingcomputer.com)
Financial Business and Consumer Solutions (FBCS) is warning 1,955,385 impacted individuals in the United States that the company suffered a data breach after discovering unauthorized access to specific systems in its network.
Japanese police create fake support scam payment cards to warn victims (www.bleepingcomputer.com)
Fake job interviews target developers with new Python backdoor (www.bleepingcomputer.com)
New Brokewell malware takes over Android devices, steals data (www.bleepingcomputer.com)
Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches.
LA County Health Services: Patients' data exposed in phishing attack (www.bleepingcomputer.com)
The Los Angeles County Department of Health Services disclosed a data breach after thousands of patients’ personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees.
WP Automatic WordPress plugin hit by millions of SQL injection attacks (www.bleepingcomputer.com)
New Brokewell malware takes over Android devices, steals data (www.bleepingcomputer.com)
UnitedHealth confirms it paid ransomware gang to stop data leak (www.bleepingcomputer.com)
The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect sensitive data stolen during the Optum ransomware attack in late February.
Ring customers get $5.6 million in privacy breach settlement (www.bleepingcomputer.com)
The Federal Trade Commission is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections.
New Brokewell malware takes over Android devices, steals data (www.bleepingcomputer.com)
Researchers sinkhole PlugX malware server with 2.5 million unique IPs (www.bleepingcomputer.com)
Windows 11 KB5036980 update goes live with Start Menu ads (www.bleepingcomputer.com)
Microsoft has enabled Start menu ads in the optional KB5036980 preview cumulative update for Windows 11 22H2 and 23H2.
CoralRaider attacks use CDN cache to push info-stealer malware (www.bleepingcomputer.com)
Windows 11 KB5036980 update goes live with Start Menu ads (www.bleepingcomputer.com)
Hackers hijack antivirus updates to drop GuptiMiner malware (www.bleepingcomputer.com)
GitLab affected by GitHub-style CDN flaw allowing malware hosting (www.bleepingcomputer.com)
Related to: GitHub comments abused to push malware via Microsoft repo URLs
Microsoft: APT28 hackers exploit Windows flaw reported by NSA (www.bleepingcomputer.com)
Synlab Italia suspends operations following ransomware attack (www.bleepingcomputer.com)
Synlab Italia has suspended all its medical diagnostic and testing services after a ransomware attack forced its IT systems to be taken offline.
MITRE says state hackers breached its network via Ivanti zero-days (www.bleepingcomputer.com)
GitHub comments abused to push malware via Microsoft repo URLs (www.bleepingcomputer.com)
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data (www.bleepingcomputer.com)
Critical Forminator plugin flaw impacts over 300k WordPress sites (www.bleepingcomputer.com)
