Tag: mfa bypass is not relevant here
10 articles

Progress Disrupts ShareFile Storage Over Unspecified Security Threat
Progress Software has urgently advised ShareFile customers to take their Windows servers offline due to a credible external security threat, acting swiftly to protect user data despite having no evidence of unauthorized access. The company is working closely with security experts to resolve the issue and restore services.

AI Coding Assistants Exposed to Symlink Flaw
Researchers uncovered a major vulnerability, dubbed GhostApproval, that affects six popular AI coding assistants, allowing attackers to manipulate the code and write malicious data into sensitive files. This flaw uses a clever trick involving deceptively named files and symbolic links to catch AI assistants off guard.

AI Coding Agents Expose Unix-Era Security Flaw
A clever trick that exploits a long-standing Unix security flaw, dubbed GhostApproval, can bypass human approvals in AI coding assistants, rendering consent meaningless. By manipulating a harmless-looking project file, attackers can secretly alter sensitive system settings.

Healthcare Organization Backpedals on Phishing Test Targeting Staff Burnout
Newfoundland and Labrador Health Services is hitting the brakes on a well-intentioned but misguided phishing test that left staff feeling frustrated and burnt out. The healthcare organization has apologized and pledged to review its approach after sending employees a fake email offering an extra paid day off.

Ransomware Attacks Shift to Data Theft Tactics
Ransomware attacks have taken a sinister turn, with a growing number of hackers ditching decryption keys and instead using stolen data to extort their victims. In fact, a recent report found that a whopping 87% of ransomware claims now involve data theft, with encryption becoming a thing of the past.

Ransomware Gangs Test Trust with Data Deletion Promises
Can you ever trust a ransomware gang's promise to delete stolen data? The recent Instructure breach has brought this question to the forefront, leaving victims wondering if paying up is worth the risk of broken promises.

China Builds Covert Hacker Networks with Compromised Routers
China-nexus cyber actors have dramatically changed their game, ditching solo operations for massive networks of hacked devices - and it's a threat you need to know about. A joint advisory from top cyber agencies worldwide warns of this new tactic, urging vigilance in the face of large-scale cyber attacks.

Eset Exposes Chinese Hackers' Careless Backdoor Tactics
Chinese hackers have been caught off guard by their own carelessness, leaving behind a digital trail that exposed their previously undetected backdoor tactics. Researchers uncovered over 9,000 messages revealing the attackers' testing systems and habits, leading to the identification of a Chinese nation-state actor dubbed GopherWhisper.

Microsoft Vulnerabilities Resurface, Fueling Cybercrime and Ransomware
Beware: long-dead Microsoft vulnerabilities are coming back to haunt networks, fueling cybercrime and ransomware attacks. Even a 14-year-old software flaw is being exploited by crooks, putting your network at risk.

Ransomware Attack Cripples Dutch Healthcare IT Firm ChipSoft
A ransomware attack on Dutch healthcare IT firm ChipSoft has left patients and clinicians scrambling, as clinical portals and scheduling tools went dark, disrupting critical care management systems. The devastating cyber incident forced ChipSoft to take its website and digital services offline, leaving many wondering who's left holding the chart.