attack
-
Blog
Cyber attack that shut down schools in New Mexico claimed by ransomware gang
Ransomware gang Interlock today claimed responsibility for a February 2025 cyber attack on the Aztec Municipal School District in New Mexico. The school district announced a network outage on February 24, 2025 forced schools to cancel classes. It reopened on March 3, 2025, but as of time if writing, the district is still recovering systems and restricting access to the…
Read More » -
Blog
Western Alliance Bank admits cyber attack exposed 22,000 customers
An American bank has admitted nearly 22,000 customers had their accounts compromised following an attack that targeted a zero-day flaw in a third-party file-transfer tool. In a regulatory filing, Arizona-based Western Alliance Bank said attackers had access between 12 and 24 October last year, though the bank reportedly only became aware of the attack in January. Hackers accessed customers’ names,…
Read More » -
Blog
GitHub Action hack likely led to another in cascading supply chain attack
A cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets. Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. If those logs had been…
Read More » -
Blog
Millions of RSA encryption keys could be vulnerable to attack
Millions of RSA encryption keys contain major flaws, making them vulnerable to attack, according to new research. Analysis from Keyfactor found around 1 in 172 of all certificates found online are susceptible to compromise through a mathematical attack, equating to potentially millions of keys. The vulnerability mainly affects Internet of Things (IoT) devices, but is a risk for any system…
Read More » -
Blog
Supply chain attack on popular GitHub Action exposes CI/CD secrets
A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. The GitHub Action is a very popular automation tool designed for GitHub Actions workflows. It allows developers to identify files changed in a pull request or commit and take actions based on…
Read More » -
Blog
Organizations urged to act fast after GitHub Action supply chain attack
More than 20,000 organizations may be at risk following a supply chain attack affecting tj-actions/changed-files GitHub Action. GitHub Actions is a continuous integration and continuous delivery (CI/CD) service that enables developers to automate software builds and tests. Workflows are triggered by specific events, for example when new code is committed to the repository. Used in more than 23,000 repositories, tj-actions/changed-files…
Read More » -
Blog
ClickFix attack delivers infostealers, RATs in fake Booking.com emails
Microsoft is warning that an ongoing phishing campaign impersonating Booking.com is using ClickFix social engineering attacks to infect hospitality workers with various malware, including infostealers and RATs. The campaign started in December 2024 and continues today, targeting employees at hospitality organizations such as hotels, travel agencies, and other businesses that use Booking.com for reservations. The threat actors’ goal is to hijack…
Read More » -
Blog
Apple Has Issued a Security Patch in Response to an ‘Extremely Sophisticated Attack’
Breaking news: Apple has released another security update, and you should install it right away. While it seems like there’s always a new update for us Apple users to install on our devices, this one is a bit more exciting than usual, targeting what the company has described as “an extremely sophisticated attack.” Apple’s latest security patch On Tuesday, March…
Read More » -
Blog
36 US schools report data breaches following ransomware attack on Carruth Compliance Consulting
Ransomware gang Skira today claimed responsibility for a December 2024 data breach at Carruth Compliance Consulting. The breach led to at least three dozen school districts and colleges across the US–Carruth’s clients–reporting data breaches that compromised the personal data of more than 110,000 school employees. Carruth administers the retirement savings plans for these school districts. It started notifying victims of…
Read More » -
Blog
Qilin ransomware claims attack at Lee Enterprises, leaks stolen data
The Qilin ransomware gang has claimed responsibility for the attack at Lee Enterprises that disrupted operations on February 3, leaking samples of data they claim was stolen from the company. The threat actors have now threatened to leak all the allegedly stolen data on March 5, 2025, unless a ransom demand is paid. Lee Enterprises is a US-based media company that…
Read More »