Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Phishers have found a way to downgrade—not bypass—FIDO MFA

Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication scheme based on FIDO (Fast Identity Online), the industry-wide standard being adopted by thousands of sites and enterprises. If true, the attack, reported in a blog post Thursday by security firm Expel, would be huge news, since FIDO is widely regarded as being immune to credential phishing attacks. After analyzing the Expel write-up, I’m confident that the attack doesn’t bypass F

A surveillance vendor was caught exploiting a new SS7 attack to track people’s phone locations

Security researchers say they have caught a surveillance company in the Middle East exploiting a new attack capable of tricking phone operators into disclosing a cell subscriber’s location. The attack relies on bypassing security protections that carriers have put in place to prevent intruders from accessing SS7, or Signaling System 7, a private set of protocols used by the global phone carriers to route subscribers’ calls and text messages around the world. SS7 also allows the carriers to req

Hacker steals $27 million in BigONE exchange crypto breach

Cryptocurrency exchange BigONE disclosed that hackers stole various digital assets valued at $27 million in an attack yesterday. The platform announced that private keys and user data remain unaffected by the intrusion and any customers that incurred losses will be reimbursed from available reserves. “In the early hours of July 16, BigONE detected abnormal movements involving a portion of the platform’s assets,” reads the announcement. “Upon investigation, it was confirmed to be the result of

Co-op confirms data of 6.5 million members stolen in cyberattack

UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and caused food shortages in its grocery stores. Co-op (short for the Co-operative Group) is one of the United Kingdom's largest consumer co-operatives, operating food stores, funeral services, insurance, and legal services. It is owned by millions of members who receive discounts on services and share in the company's governance. Co-op's CEO, Shirine

Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group

An international law enforcement operation dubbed "Operation Eastwood" has targeted the infrastructure and members of the pro-Russian hacktivist group NoName057(16), responsible for distributed denial-of-service (DDoS) attacks across Europe, Israel, and Ukraine. Operation Eastwood was led by Europol and Eurojust with support from 12 countries. It took place on July 15, 2025, and targeted the systems and individuals behind the group's activities. NoName057(16) is a pro-Russian hacking group tha

Co-op boss says sorry to 6.5m people who had data stolen in hack

By Joe Tidy, Cyber correspondent, BBC World Service, and Imran Rahman-Jones, Technology reporter. The chief executive of Co-op has confirmed all 6.5 million of its members had their data stolen in a cyber-attack on the retailer in April. "I'm devastated that information was taken. I'm also devastated by the impact that it took on our colleagues as well as they tried to contain all of this,"

Interlock ransomware adopts new FileFix attack to push malware

Hackers have adopted the new technique called 'FileFix' in Interlock ransomware attacks to drop a remote access trojan (RAT) on targeted systems. Interlock ransomware operations have increased over the past months as the threat actor started using the KongTuke web injector (aka 'LandUpdate808') to deliver payloads through compromised websites. This shift in modus operandi was observed by researchers at The DFIR Report and Proofpoint since May. Back then, visitors of compromised sites were prom

Nvidia chips become the first GPUs to fall to Rowhammer bit-flip attacks

Nvidia is recommending a mitigation for customers of one of its GPU product lines that will degrade performance by up to 10 percent in a bid to protect users from exploits that could let hackers sabotage work projects and possibly cause other compromises. The move comes in response to an attack a team of academic researchers demonstrated against Nvidia’s RTX A6000, a widely used GPU for high-performance computing that’s available from many cloud services. A vulnerability the researchers discove

Google Gemini flaw hijacks email summaries for phishing

Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. Such an attack leverages indirect prompt injections that are hidden inside an email and obeyed by Gemini when generating the message summary. Despite similar prompt attacks being reported since 2024 and safeguards being implemented to block misleading responses, the technique

Four arrested in connection with M&S and Co-op cyber-attacks

By Joe Tidy, Cyber correspondent, BBC World Service. Four people have been arrested by police investigating the cyber-attacks that have caused havoc at M&S and the Co-op. The National Crime Agency (NCA) says a 20-year-old woman was arrested in Staffordshire, and three males - aged between 17 and 19 - were detained in London and the West Midlands. They were apprehended on suspicion of

Ingram Micro starts restoring systems after ransomware attack

Ingram Micro has begun restoring systems and business services after suffering a massive SafePay ransomware attack right before the July 4th holiday. Last Thursday, IT distributor and services giant Ingram Micro suffered a global outage, with their website and ordering systems taken offline, and employees told to work from home. Saturday morning, BleepingComputer exclusively reported that a SafePay ransomware attack was behind the outage, with the company confirming a ransomware attack later t

M&S confirms social engineering led to massive ransomware attack

M&S confirmed today that the retail outlet's network was initially breached in a "sophisticated impersonation attack" that ultimately led to a DragonForce ransomware attack. M&S chairman Archie Norman revealed this in a hearing with the UK Parliament's Business and Trade Sub-Committee on Economic Security regarding the recent attacks on the retail sector in the country. While Norman did not go into details, he stated that the threat actors impersonated one of the 50,000 people working with the

Employee gets $920 for credentials used in $140 million bank heist

Hackers stole nearly $140 million from six banks in Brazil by using an employee's credentials from C&M, a company that offers financial connectivity solutions. The incident reportedly occurred on June 30, after the attackers bribed the employee to give them his account credentials and perform specific actions that would help their operations. Insider threat: According to Brazilian media reports, the employee (João Nazareno Roque) sold his corporate credentials to the hackers for roughly $920,

Ingram Micro outage caused by SafePay ransomware attack

An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Ingram Micro is one of the world's largest business-to-business technology distributors and service providers, offering a range of solutions including hardware, software, cloud services, logistics, and training to resellers and managed service providers worldwide. Since Thursday, Ingram Micro's website and online ordering systems have b

‘Hot Spring Shark Attack’ Is Goofy and It Knows It

If you’re looking for adventure horror filled with toothy creatures and slick special effects, buy a ticket for Jurassic World Rebirth. On a much smaller scale, however, there’s another new movie whose title says it all: Hot Spring Shark Attack. How does a shark big enough to chomp on a person find its way into a hot spring? And how does a town dependent on tourism deal with this extremely inconvenient new threat? All is revealed in the goofiest ways. Hot Spring Shark Attack being released so c

A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of Cyberattacks Right Now

Empty grocery store shelves and grounded planes tend to signal a crisis, whether it’s an extreme weather event, public health crisis, or geopolitical emergency. But these scenes of chaos in recent weeks in the United Kingdom, United States, and Canada were caused instead by financially motivated cyberattacks—seemingly perpetrated by a collective of joyriding teens. A notorious cybercriminal group often called Scattered Spider is known for using social engineering techniques to infiltrate target

Qantas data breach sees up to 6M customer records at risk

A Qantas data breach resulting from a cybersecurity attack has put up to 6M customer records at risk of exposure, with names, email addresses, phone numbers, and dates of birth confirmed to be included. The hack was of a contact center database operated by one of the airline’s partners … Qantas says it is too early to determine how many customers have been affected, but says it expects it to be a “significant” proportion of the 6M total. On Monday, we detected unusual activity on a third party

AT&T rolls out "Wireless Lock" feature to block SIM swap attacks

AT&T has launched a new security feature called "Wireless Lock" that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled. This new feature has been available for some customers for almost a year and has now been rolled out to all AT&T customers. SIM swap attacks are when cybercriminals port, or move, a targeted phone number to a device under their control. This allows them to intercept the

New FileFix attack runs JScript while bypassing Windows MoTW alerts

A new FileFix attack allows executing malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows by exploiting how browsers handle saved HTML webpages. The technique was devised by security researcher mr.d0x. Last week, the researcher showed how the first FileFix method worked as an alternative to 'ClickFix' attacks by tricking users into pasting a disguised PowerShell command into the File Explorer address bar. The attack involves a phishing page to trick the victim in

PSA: If you have a Brother printer, change the password now

Almost 700 Brother printer models have been found to contain a number of serious security flaws that could allow an attacker to access other devices on your network, and potentially access your documents. The same is true of some printer models made by Fujifilm, Toshiba, Ricoh, and Konica Minolta … Cybersecurity company Rapid7 discovered eight vulnerabilities affecting 689 Brother printers, and 46 models from other brands. The most egregious of these is that the default password of each printe

Google fixes fourth actively exploited Chrome zero-day of 2025

Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. "Google is aware that an exploit for CVE-2025-6554 exists in the wild," the browser vendor said in a security advisory issued on Monday. "This issue was mitigated on 2025-06-26 by a configuration change pushed out to Stable channel across all platforms." The company fixed the zero-day for users in the Stable Desktop channel, w

U.S. warns of Iranian cyber threats on critical infrastructure

U.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure. CISA says there are no indications of an ongoing campaign but urges critical infrastructure organizations and other potential targets to monitor their defense due to the current unrest in the Middle East and cyber attacks previously linked to Iran. In a joint fact sheet, the cyber agencies warn that Defense Industrial Base (DI

Microsoft Defender for Office 365 now blocks email bombing attacks

Microsoft says its Defender for Office 365 cloud-based email security suite will now automatically detect and block email bombing attacks. Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection or Office 365 ATP) protects organizations operating in high-risk industries and dealing with sophisticated threat actors from malicious threats from email messages, links, and collaboration tools. "We're introducing a new detection capability in Microsoft Defender for Office 36

Alleged Verizon data breach sees 61M customer records offered for sale

An alleged Verizon data breach has seen hackers offering for sale a database of 61 million customer records, which includes personal information useful for both phishing attempts and identity theft. The sample data supplied includes name, full postal address, date of birth, email address, phone number(s), tax identification code, and other ID codes … Security researchers at SafetyDetectives said that the data was being offered for sale, but the samples posted were too small to confirm the vera

Cloudflare blocks largest DDoS attack - here's how to protect yourself

Cloudflare is a robust content delivery network (CDN) that specializes in providing protection against distributed denial of service (DDoS) attacks. Last month, Cloudflare blocked the largest DDoS attack in internet history. This assault peaked at a staggering 7.3 terabits per second (Tbps). That's a data deluge, equivalent to streaming nearly 10,000 high-definition movies in under a minute. The attack targeted an unnamed hosting provider using Cloudflare's Magic Transit DDoS pro

Scattered Spider hackers shift focus to aviation, transportation firms

Hackers associated with "Scattered Spider" tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors. These threat actors have employed a sector-by-sector approach, initially targeting retail companies, such as M&S and Co-op, in the United Kingdom and the United States and subsequently shifting their focus to insurance companies. While the threat actors were not officially named as responsible for insurance sector

Brother printer bug in 689 models exposes default admin passwords

A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers. The flaw, tracked under CVE-2024-51978, is part of a set of eight vulnerabilities discovered by Rapid7 researchers during a lengthy examination of Brother hardware. CVE Description Affected Service CVSS CVE-2024-51977 An unau

Homeland Security warns of Iran-backed cyberattacks targeting US networks

A bulletin issued Sunday by U.S. Homeland Security said it expects to see Iranian government-backed hackers conduct attacks against U.S. networks, amid the ongoing conflict between the U.S. and Israel, and Iran. The National Terrorism Advisory System bulletin said low-level cyberattacks by hacktivists are “likely,” adding that hacktivists and government-linked hackers “routinely target” poorly secured U.S. networks and internet-connected devices to cause disruption. The bulletin was

CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks

CISA has confirmed that a maximum severity vulnerability in AMI's MegaRAC Baseboard Management Controller (BMC) software is now actively exploited in attacks. The MegaRAC BMC firmware provides remote system management capabilities for troubleshooting servers without being physically present, and it's used by several vendors (including HPE, Asus, and ASRock) that supply equipment to cloud service providers and data centers. This authentication bypass security flaw (tracked as CVE-2024-54085) ca