Cybercriminals exploited bugs in the world’s largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users.
A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails; employees’ emails; and more.
Anurag Kahol, CTO & co-founder at Bitglass, offers tips for avoiding implementation pitfalls for zero trust.
An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch’s source code, comments going back to its inception and more.
Joseph Carson, Chief Security Scientist at ThycoticCentrify, offers a 7-step practical IR checklist for ensuring a swift recovery from a cyberattack.
The Compound cryptocurrency exchange accidentally botched a platform upgrade and distributed millions in free COMP tokens to users – then threatened to dox the recipients.
Jason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity.
Newly discovered code resembles the Kazuar backdoor and the Sunshuttle second-stage malware distributed by Nobelium in the SolarWinds supply-chain attacks.
A campaign is stealing one-time password tokens to gain access to PayPal, Apple Pay and Google Pay, among others.
The unredacted RCE exploit allows unauthenticated, remote attackers to upload files to the vCenter Server analytics service.