Author Info

In a recent cybersecurity development, twenty harmful npm packages posing as parts of the Hardhat development environment have targeted Ethereum developers, aiming to steal private keys and sensitive data. More than a thousand downloads of these packages have been reported, illustrating a significant threat to the community. Targeted Attack on

The U.S. Department of Health and Human Services (HHS) is set to introduce substantial reforms to the Health Insurance Portability and Accountability Act (HIPAA) in response to a surge in significant healthcare data breaches. These enhancements aim to safeguard patient information more effectively. Proposed Security Enhancements To bolster the

The U.S. Treasury Department announced a significant cybersecurity breach attributed to suspected Chinese threat actors, affecting the department’s systems and unclassified documents. The incident was caused by the exploitation of an API key from a third-party service provider, BeyondTrust. Incident Overview On December 8, 2024, BeyondTrust, a software

American Addiction Centers, a prominent rehabilitation organization in Brentwood, Tennessee, recently experienced a significant data breach affecting the personal information of 410,747 current and past patients. Details of the Breach In response to inquiries, the Maine Attorney General received notification letters confirming the breach compromised sensitive data—including names,

The Attack and Its Perpetrators Salt Typhoon, also identified as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286, has been actively compromising government and telecom networks in Southeast Asia since at least 2019. The group’s latest known victim, an American telecom company, emerged after the Biden administration published new guidelines

The Apache Software Foundation (ASF) has released updates to address a severe SQL injection vulnerability in Apache Traffic Control, identified as CVE-2024-45387. Facing a critical Common Vulnerability Scoring System (CVSS) score of 9.9, this flaw impacts the robust Traffic Control solution, which allows operators to establish scalable and distributed

A Brazilian national has been indicted in the United States for cyber extortion after allegedly breaching a substantial number of user accounts and demanding a hefty ransom in Bitcoin. Defendant Junior Barros De Oliveira, aged 29, hailing from Curitiba, Brazil. Indictment Filed by the U.S. Department of Justice (DoJ)

On December 23, 2024, Pittsburgh Regional Transit (PRT) disclosed it was contending with a ransomware attack, discovered initially on December 19. This breach notably disrupted transit services across the Pittsburgh metropolitan area, which PRT serves by operating a diverse array of transportation options, including buses, light rail, and incline services.

A Romanian man, Daniel Christian Hulea, has been sentenced to 20 years in prison following his pivotal involvement in the notorious NetWalker ransomware attacks. Hulea, 30, entered a guilty plea to charges of computer and wire fraud conspiracy on June 20 after admitting to extorting around $21.5 million in