lemmydev2

Cybersecurity researchers have discovered a new, large-scale mobile malware campaign that's targeting Android and iOS platforms with fake dating, social networking, cloud storage, and car service apps to steal sensitive personal data. The cross-platform threat has been codenamed SarangTrap by Zimperium zLabs. Users in South Korea appear to be the primary focus. "This extensive campaign involved

Lovense, the maker of internet-connected sex toys, left user emails exposed for months — even after it became aware of the vulnerability. In a blog post spotted by TechCrunch and Bleeping Computer, security researcher BobDaHacker found that they could “turn any username into their email address,” which they could then use to take over someone’s […]

Ernesto Londoño / New York Times: Gov. Tim Walz activates the Minnesota National Guard to help St. Paul address a cyberattack detected Friday that led the city to shut down many of its systems  —  Gov. Tim Walz of Minnesota activated the National Guard to help the city of St. Paul address a cyberattack that was detected last Friday.

New PCI DSS Rules Raise the Bar, Make App Security a MandatePCI DSS 4.0.1 raises the stakes for retailers and e-commerce providers, turning app security best practices into hard requirements. With sophisticated threats on the rise, businesses must adopt integrated solutions to protect digital experiences end-to-end.

Alphabet Inc.’s YouTube will soon begin using artificial intelligence to determine whether viewers in the US are under the age of 18, following increased pressure on the biggest tech companies to strengthen online safety for children.

Recent activity targeting telecom infrastructure is assessed with high confidence to overlap with Liminal Panda activity. The actors used custom tools, tunneling and OPSEC tactics for stealth. The post The Covert Operator's Playbook: Infiltration of Global Telecom Networks appeared first on Unit 42.

The telecom giant, one of the largest in the world with customers in Europe and Africa, said customers are experiencing ongoing disruption to its services due to an unspecified hack.

We have reached a stage where ransomware isn’t simply a cybercrime issue: it is now clearly a business disruptor, a threat to societal trust, and increasingly, a national security crisis. As James Babbage, Director General (Threats) at the UK’s National Crime Agency (NCA), recently noted, ransomware is “a national security threat in its own right, both here and throughout the world.” Alarmingly, despite years of targeted operations, global strategy papers, and industry guidance, ransomware groups … More → The post Ransomware will thrive until we change our strategy appeared first on Help Net Security.

Rising SaaS security threats are being overlooked, new research shows

"This step is necessary to prove I'm not a bot," wrote the bot as it passed an anti-AI screening step.

Plus, 60% don't have enough analysts to make sense of it Too many threats, too much data, and too few skilled security analysts are making companies more vulnerable to cyberattacks, according to the IT and security leaders tasked with protecting these organizations from digital threats.…

Despite knowing the risks, most organizations are still shipping insecure software. That’s one of the stark findings from Cypress Data Defense’s 2025 State of Application Security report, which reveals a worsening crisis in software security. According to the report, 62% of organizations knowingly deploy vulnerable code to meet delivery deadlines. As cyber threats intensify, security teams are struggling with burnout, resource shortages, and a widening disconnect between where budgets go and where the real risks … More → The post Inside the application security crisis no one wants to talk about appeared first on Help Net Security.