Author: We Fix PC

Written by Ivan Milenkovic, Vice President Risk Technology EMEA, Qualys For the better part of the last decade,we have engaged in a comfortable fiction around security and development. If we could only “shift left” and get developers to take a modicum more responsibility for security alongside their coding, testing and infrastructure deployment, the digital world […]

PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. The incident affected the PayPal Working Capital (PPWC) loan app, which provides small businesses with quick access to financing. PayPal discovered the breach on […]

The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. UMMC has over 10,000 employees and, as one of the largest employers in Mississippi, operates seven hospitals, 35 clinics, and more than 200 telehealth sites statewide. The medical center includes the state’s only children’s hospital, only […]

The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM “jackpotting” attacks, in which criminals use malware to force cash machines to dispense money. According to a Thursday FBI flash alert, more than 700 ATM jackpotting incidents were reported last year alone in a significant spike compared […]

A Ukrainian national was sentenced to five years in prison for providing North Korean IT workers with stolen identities that helped them infiltrate U.S. companies. 39-year-old Oleksandr Didenko of Kyiv, Ukraine, pleaded guilty in November 2025 to aggravated identity theft and wire fraud conspiracy after being arrested in Poland in May 2024. This week, he […]

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications. VoIP communication equipment from Grandstream Networks is being used by small and medium businesses. The maker’s GXP product line is part of the company’s high-end offering for businesses, schools, hotels, and Internet Telephony Service Providers (ITSP) […]

Google says that through 2025, it blocked more than 255,000 Android apps from obtaining excessive access to sensitive user data and rejected over 1.75 million apps from being published on Google Play due to policy violations. The tech giant’s annual review of Android and Google Play security reveals how effective the implemented protection measures were in […]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under active exploitation since mid-2024. According to security researchers from Mandiant and the Google Threat Intelligence Group (GTIG), this hardcoded-credential vulnerability (CVE-2026-22769) in Dell’s RecoverPoint (a solution used for VMware virtual machine backup and […]

Modern infostealers have expanded credential theft far beyond usernames and passwords. Over the past year, campaigns have accelerated, targeting users with little distinction between corporate employees and individuals on personal devices. These infections routinely harvest credentials alongside broader session data and user activity. The resulting datasets are aggregated and sold by initial access brokers, then […]