A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application. The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek.
Noteworthy stories that might have slipped under the radar: Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber Command. The post In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired appeared first on SecurityWeek.
The State Bar of Texas is notifying thousands of individuals that their personal information was stolen in a February ransomware attack. The post State Bar of Texas Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. "The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for
US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations. The post US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations appeared first on SecurityWeek.
