intelligence gathering

Google agreed to pay $5 billion to settle a privacy lawsuit alleging that the company tracked users in incognito mode. The lawsuit accused Google of using tools such as Google Analytics to collect data on users even when they thought they were browsing privately.

On New Year's Eve 2024, Orbit Bridge was hit by a massive hack that cost over $82 million. The incident sparked panic in the crypto community and highlighted once again the importance of cryptocurrency security.

Re-generate Google services cookies using undocumented OAuth2 functionality, regardless of IP or password reset.

Google Cloud has addressed a criticality security vulnerability in its platform that can be exploited by attackers to escalate privileges in Kubernetes clusters they already have access to. The company said in an announcement on December 14, 2023...

The notorious cyber-espionage organization Cloud Atlas has recently launched a series of spear phishing attacks targeting Russian agribusiness and state-owned research institutions. The news comes in a report from independent cybersecurity firm F.A.C.C.T., which was formed earlier this year after the former Group-IB team split.

WordPress plugin security researchers have discovered a malicious WordPress plugin capable of creating fake administrator accounts and injecting malicious JavaScript code used to steal credit card information. According to cybersecurity companies…

The Iranian state-level cyber espionage organization "MuddyWater" has resurfaced and used a new command and control framework called "MuddyC2Go" to launch attacks targeting the telecommunications industries of Egypt, Sudan and Tanzania. Symantec Threat Hunter Team…

Cybersecurity researchers have revealed the inner workings of a ransomware operation led by Mikhail Pavlovich Matveev, a Russian citizen who was indicted by the U.S. government earlier this year on charges that he engaged in...

A supply chain attack on crypto hardware wallet manufacturer Ledger resulted in the theft of $600,000 in crypto assets. The attacker obtained Ledger's npm account through a phishing attack on a resigned employee, and uploaded a malicious version of the Connect Kit module. These malicious versions spread cryptocurrency-stealing malware to other applications that rely on the module, creating software supply chain vulnerabilities.

Apple has released security patches for iOS, iPadOS, macOS, tvOS, watchOS and the Safari web browser that address multiple security vulnerabilities and retroactively fix two recently disclosed zero-day vulnerabilities for older devices.