A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain. The post Cloudflare Tunnels Abused in New Malware Campaign appeared first on SecurityWeek.

Krispy Kreme is sharing more information on the data breach resulting from the ransomware attack targeting the company in 2024.  The post 161,000 People Impacted by Krispy Kreme Data Breach appeared first on SecurityWeek.

Personal data of former and current council workers, including election staff, may have been accessed by hackers. The post Hackers Access Legacy Systems in Oxford City Council Cyberattack appeared first on SecurityWeek.

Israel-linked Predatory Sparrow hackers torched more than $90 million at Iran’s largest cryptobank as Israel-Iran cyberwar escalates. The post Predatory Sparrow Burns $90 Million on Iranian Crypto Exchange in Cyber Shadow War appeared first on SecurityWeek.

Trend Micro and ReversingLabs uncovered over 100 GitHub accounts distributing malware embedded in open source hacking tools. The post New Campaigns Distribute Malware via Open Source Hacking Tools appeared first on SecurityWeek.

News broke today of a “mother of all breaches,” sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. […]

A new version of the Android malware “Godfather” creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. […]

Cybercriminals no longer need zero-days to breach your systems—these days, they just log in. Join BleepingComputer, SC Media, and Specops Software’s Darren Siegel on July 9 at 2:00 PM ET for a live webinar on how attackers are using stolen credentials to infiltrate networks and how you can stop them. […]