Chinese artificial intelligence (AI) startup DeepSeek, which has taken the market by storm, has temporarily limited new user registrations following a large-scale cyberattack that disrupted its services. According to Reuters, the attack coincided with the company’s AI assistant becoming the top-rated free application on Apple’s App Store in the United States. The attack affected the registration process for new users, although current users were able to carry on accessing the platform as usual. The company said that it had resolved issues related to its application programming interface (API) and user login problems, marking the longest service outage in around 90…
Kirsten Doyle
Salt Labs has discovered an account takeover vulnerability in a widely used online travel service that facilitates hotel and car rental bookings. This service is integrated into a slew of commercial airline platforms, allowing users to seamlessly add accommodations to their airline itineraries. By exploiting this flaw, malicious actors could gain unauthorized access to any user account within the system, enabling them to impersonate victims and carry out various actions on their behalf. This includes booking hotels and rental cars using the victim’s airline loyalty points, modifying or canceling reservations, and more. The vulnerability could be triggered through a malicious link that…
Every year, 28 January marks Data Privacy Day, a global event dedicated to championing the importance of data protection and privacy in our increasingly digital, connected world. Established by the Council of Europe in 2006, this day commemorates the anniversary of Convention 108, the first binding international treaty on data protection. The purpose of the Convention was: “To secure in the territory of each Party for every individual, whatever his nationality or residence, respect for his rights and fundamental freedoms, and in particular his right to privacy, with regard to automatic processing of personal data relating to him.” Over the…
In a newly discovered phishing campaign, malicious actors are using malicious PDF files to target mobile device users in potentially more than 50 countries. Dubbed the “PDF Mishing Attack,” the campaign exploits the widespread trust in PDFs as a secure file format, revealing new vulnerabilities in mobile platforms. The phishing operation masquerades as the United States Postal Service (USPS) to gain the trust of users and fool recipients into downloading the malicious PDFs. Once opened, the hidden links redirect victims to phishing pages that are designed to steal credentials.
Exploiting Humans
According to Zimperium’s zLabs team, who discovered the campaign,…
Homebrew, the popular open-source macOS and Linux package manager, has become the latest victim of a malvertising campaign distributing information-stealing malware. Security researcher Ryan Chenkie uncovered the scheme, which leverages fake Google ads to deliver malware that compromises user credentials, browser data, and cryptocurrency wallets.
The Malware Behind the Campaign
AmosStealer (Atomic), a notorious information-stealing malware designed to target macOS systems, is the malicious software at the center of this campaign. Sold as a subscription service for $1,000 per month, AmosStealer has become a popular tool among malefactors targeting Apple users. It has also been spotted in other…
In a new and ongoing large-scale cyber campaign, Qualys researchers have uncovered a variant of the infamous Mirai botnet called the Murdoc Botnet. This variant exploits vulnerabilities in widely used AVTECH cameras and Huawei HG532 routers, allowing malicious actors to compromise devices and assemble large botnets for further malicious activity. “The Mirai botnet was first publicly identified in late August 2016, and its effects are still felt today,” says Jason Soroko, Senior Fellow at Sectigo. “The threat actors have identified widespread entry points into enterprise and consumer networks, demonstrating that a single outdated or unpatched device can compromise an…
A concerning security flaw has been identified in OpenAI’s ChatGPT API, allowing malicious actors to launch reflective Distributed Denial of Service (DDoS) attacks against arbitrary websites. The vulnerability, rated high severity (CVSS 8.6), stems from improper handling of HTTP POST requests to the endpoint https://chatgpt.com/backend-api/attributions. A reflection denial-of-service attack abuses a legitimate third-party service to bounce attack traffic toward the intended victim, so the victim sees requests from the reflector rather than from the attacker. The API lets users submit a list of hyperlinks via the urls parameter. However, due to poor input validation, the API fails to check for duplicate hyperlinks or enforce a limit…
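The two missing checks the teaser names (no duplicate detection, no limit on the list) are the whole amplification story: a reflector that fetches every entry it is handed turns one small request into as many outbound requests as the attacker cares to list. The following is an added example, not OpenAI’s code and not taken from the write-up. It keeps the teaser’s request shape (a JSON object carrying a `urls` list) and shows an unchecked handler beside a validated one; `MAX_URLS`, `MAX_PER_HOST`, the normalisation rules and the constructed `SAMPLE` payload are assumptions for illustration, not values from the advisory.

```python
# Added example, not OpenAI's code: request-side validation for a "urls" list
# parameter of the kind described above. The cap values and the sample payload
# are assumptions chosen for illustration.
from urllib.parse import urlsplit, urlunsplit

MAX_URLS = 10       # assumed request-wide cap; the write-up only says none was enforced
MAX_PER_HOST = 1    # assumed: at most one outbound fetch per target host per request


class InvalidRequest(ValueError):
    """Raised for requests that must be rejected before any outbound fetch happens."""


def normalize(url: str) -> str:
    """Canonicalise a URL so trivially different spellings of one target compare equal."""
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    try:
        host, port = parts.hostname, parts.port
    except ValueError:  # non-numeric or out-of-range port
        raise InvalidRequest(f"bad port in {url!r}")
    if scheme not in ("http", "https") or not host:
        raise InvalidRequest(f"unsupported url: {url!r}")
    default = 443 if scheme == "https" else 80
    host = host.lower()
    netloc = host if port in (None, default) else f"{host}:{port}"
    # The fragment never reaches the server, so it cannot distinguish two targets.
    return urlunsplit((scheme, netloc, parts.path or "/", parts.query, ""))


def vulnerable_fanout(payload: dict) -> list:
    """Behaviour the write-up describes: every list entry becomes an outbound request."""
    return list(payload.get("urls", []))


def validated_fanout(payload: dict) -> list:
    """Reject oversized lists up front, then collapse duplicates and cap per-host fan-out."""
    urls = payload.get("urls")
    if not isinstance(urls, list) or not all(isinstance(u, str) for u in urls):
        raise InvalidRequest("urls must be a list of strings")
    if len(urls) > MAX_URLS:
        # Checked before any normalisation work so an oversized list costs nothing.
        raise InvalidRequest(f"at most {MAX_URLS} urls per request, got {len(urls)}")
    seen, per_host, targets = set(), {}, []
    for raw in urls:
        url = normalize(raw)
        if url in seen:
            continue                       # exact duplicate after normalisation
        host = urlsplit(url).hostname
        if per_host.get(host, 0) >= MAX_PER_HOST:
            continue                       # same host reached under another path
        seen.add(url)
        per_host[host] = per_host.get(host, 0) + 1
        targets.append(url)
    return targets


def amplification(payload: dict) -> float:
    """Outbound requests the unchecked handler sends for each one the validated handler sends."""
    return len(vulnerable_fanout(payload)) / max(1, len(validated_fanout(payload)))


# Constructed sample: five spellings of one target plus a second path on the same host.
SAMPLE = {"urls": [
    "https://Victim.example/",
    "https://victim.example/#frag",
    "https://victim.example:443/",
    " https://victim.example/ ",
    "https://victim.example/",
    "https://victim.example/other",
]}

if __name__ == "__main__":
    print("unchecked fan-out:", len(vulnerable_fanout(SAMPLE)))
    print("validated fan-out:", validated_fanout(SAMPLE))
    print("amplification: %.1fx" % amplification(SAMPLE))
```

The order of the checks matters: the size limit runs before normalisation, so a list of thousands of entries is refused for the price of one `len()` call, and duplicate detection happens after normalisation, so case, default ports, surrounding whitespace and fragments cannot be used to smuggle the same target past a naive string comparison. The per-host cap is the stricter control and is an assumption here; whether a real service wants it depends on whether legitimate callers ever need several pages from one site in a single request.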
Cybersecurity researchers from Sekoia have discovered a new Adversary-in-the-Middle (AiTM) phishing kit named “Sneaky 2FA,” targeting Microsoft 365 accounts. First discovered in December last year, this phishing kit has been active since at least October 2024 and is distributed as a Phishing-as-a-Service (PhaaS) through a Telegram bot called “Sneaky Log.” Subscribers receive an obfuscated version of the source code, allowing them to deploy the phishing kit independently.
Bypassing 2FA
This scourge has several key features:
Readily Available for Purchase
Elad Luz, Head of Research at Oasis Security, says this threat is particularly deceptive for several reasons. “The links in the phishing…
Today marks the enforcement of the Digital Operational Resilience Act (DORA), a regulation aimed at strengthening the financial sector’s defenses against cyber threats and operational risks. With its focus on ICT risk management, incident reporting, and operational resilience, DORA sets a new benchmark for compliance and preparedness across Europe’s financial institutions and beyond. But what does this mean for banks, financial service providers, and their extended networks? How are entities preparing to meet these robust standards, and what challenges lie ahead? Industry leaders share their insights, offering guidance on navigating this regulatory milestone while leveraging it as a catalyst for…
In an international effort, the US Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) have successfully eliminated a sophisticated malware threat known as “PlugX” from over 4,200 computers across the United States. The malware, used by bad actors sponsored by the People’s Republic of China (PRC), has targeted global victims since 2014. The multi-month operation, which involved collaboration with French law enforcement and the cybersecurity company Sekoia.io, was authorized by court orders issued in the Eastern District of Pennsylvania. Hackers linked to the PRC, operating under the aliases “Mustang Panda” and “Twill Typhoon,” exploited the PlugX malware…
