Cyber Daily

Aussie fintech platform youX confirms data breach as hacker shares massive dataset online

Hacker claims compromise of 141 gigabytes of data from a MongoDB Atlas cluster, more than 600k loan applications to almost ...
Cyber Daily

Exclusive: Aeromedical Society of Australasia listed by Lockbit ransomware gang

Resurrected hacking group targets air medicine not-for-profit, threatens to publish stolen data by month’s end.
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

Intellexa’s Predator spyware used to hack iPhone of journalist in Angola, research says

Amnesty International says it found evidence that a government customer of Intellexa, a sanctioned surveillance vendor, used ...

Deutsche Bahn says cyberattack hit ticket and info systems

Germany's national rail operator says it was hit with a cyberattack on its systems that disrupted ticketing and timetable information.
Security Boulevard

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...