Nathan Austad admitted in court to launching a credential stuffing attack against a fantasy sports and betting website.
The post Third DraftKings Hacker Pleads Guilty appeared first on SecurityWeek.
700Credit Data Breach Impacts 5.8 Million Individuals
Hackers stole names, addresses, dates of birth, and Social Security numbers from the credit report and identity verification services provider.
The post 700Credit Data Breach Impacts 5.8 Million Individuals appeared first on SecurityWeek.
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.
The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek.
In Other News: PromptPwnd Attack, Small macOS Bounties, Chinese Hackers Trained in Cisco Academy
Other noteworthy stories that might have slipped under the radar: Pentagon orders accelerated move to PQC, US shuts down scheme to smuggle GPUs to China, DroidLock Android ransomware.
The post In Other News: PromptPwnd Attack, Small macOS Bounties, Chinese Hackers Trained in Cisco Academy appeared first on SecurityWeek.
Gladinet CentreStack Flaw Exploited to Hack Organizations
Threat actors have hacked at least nine organizations by exploiting the recently patched Gladinet CentreStack flaw.
The post Gladinet CentreStack Flaw Exploited to Hack Organizations appeared first on SecurityWeek.
Fieldtex Data Breach Impacts 238,000
The Akira ransomware group took credit for the Fieldtex Products hack in November, claiming to have stolen 14 Gb of data.
The post Fieldtex Data Breach Impacts 238,000 appeared first on SecurityWeek.
Recent GeoServer Vulnerability Exploited in Attacks
Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request.
The post Recent GeoServer Vulnerability Exploited in Attacks appeared first on SecurityWeek.
MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities
XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it to top 25.
The post MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities appeared first on SecurityWeek.
Microsoft Bug Bounty Program Expanded to Third-Party Code
All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services.
The post Microsoft Bug Bounty Program Expanded to Third-Party Code appeared first on SecurityWeek.
Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking
Notepad++ found a vulnerability in the way the software updater authenticates update files.
The post Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking appeared first on SecurityWeek.
