Tag: security

A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. According to a report by Fairlinked e.V., which claims to be an association of commercial LinkedIn users, Microsoft’s platform injects JavaScript into user sessions that checks for thousands of […]

Telehealth giant Hims & Hers Health is warning that it suffered a data breach after support tickets were stolen from a third-party customer service platform. Hims & Hers is an American telehealth company specializing in the direct-to-consumer healthcare space, providing subscription-based treatments for hair loss, ED, mental health, skincare, weight loss, and other conditions or […]

The Qilin ransomware group has stolen data from Die Linke, a German democratic socialist political party, and is threatening to leak it. On March 27, a day after the threat actor compromised its network, the party disclosed a cyber incident but stopped short of confirming a data breach. Founded in 2007, the Die Linke (Left […]

Ransomware’s Real-World Impact Across Industries In February 2026, the University of Mississippi Medical Center (UMMC)fellvictim to a ransomware attack. The incident took the Epic electronic health record systemoffline across 35 clinics and more than 200 telehealth sites, forcing the cancellation of chemotherapy appointments and the postponement of non-emergency surgeries. Medical staff were required to revert […]

Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinction between attackers and legitimate users. This occurs because residential proxies are too short-lived, uninvolved, or systematically rotated, preventing defense systems from cataloging them in time. Cybersecurity intelligence platform GreyNoise determined this after examining a […]

Fraud operations have expanded beyond traditional hacking techniques to include methods that exploit legitimate services and real-world infrastructure. By combining publicly available data, weak identity verification processes, and operational gaps, threat actors are building scalable fraud workflows that are both low-cost and difficult to detect. A tutorial shared in a fraud-focused chat group and analyzed […]

Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. Progress ShareFile is a document sharing and collaboration product typically used by large and mid-sized companies. Such solutions are an attractive target for ransomware actors, as previously seen in Clop data-theft attacks exploiting bugs in Accellion […]

A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities. The malware emerged in January with a tiered subscription model. Apart from the Telegram channel, the MaaS was also promoted on YouTube, via a dedicated marketing channel that showcased its capabilities. Kaspersky researchers say in a report […]