News

RSS Krebs on Security
  • Phishers Target Aviation Execs to Scam Customers July 24, 2025
    KrebsOnSecurity recently heard from a reader whose boss's email account got phished and was used to trick one of the company's customers into sending a large payment to scammers. An investigation into the attacker's infrastructure points to a long-running Nigerian cybercrime group that is actively targeting established companies in the transportation and aviation industries.
    BrianKrebs
  • Microsoft Fix Targets Attacks on SharePoint Zero-Day July 21, 2025
    On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.S. federal and state agencies, universities, and energy companies.
    BrianKrebs
  • Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai July 18, 2025
    Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password ("123456") for the fast food chain's account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 companies. Paradox.ai said the security oversight was […]
    BrianKrebs
  • DOGE Denizen Marko Elez Leaked API Key for xAI July 15, 2025
    Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over […]
    BrianKrebs
  • UK Arrests Four in ‘Scattered Spider’ Ransom Group July 10, 2025
    Authorities in the United Kingdom this week arrested four alleged members of "Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer.
    BrianKrebs
  • Microsoft Patch Tuesday, July 2025 Edition July 9, 2025
    Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft's most-dire "critical" rating, meaning they could be exploited to seize control over vulnerable Windows PCs with […]
    BrianKrebs
  • Big Tech’s Mixed Response to U.S. Treasury Sanctions July 3, 2025
    In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But more than a month later, the accused continues to openly operate accounts at a slew of American tech companies, including Facebook, Github, LinkedIn, PayPal and […]
    BrianKrebs
  • Senator Chides FBI for Weak Advice on Mobile Security June 30, 2025
    Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to […]
    BrianKrebs
  • Inside a Dark Adtech Empire Fed by Fake CAPTCHAs June 12, 2025
    Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark ad tech industry is far more […]
    BrianKrebs
  • Patch Tuesday, June 2025 Edition June 11, 2025
    Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. 
    BrianKrebs
Verified by MonsterInsights