Scam ads are taking over social media, but two former Meta staffers are on a mission to save the day. They’ve launched a nonprofit to shine a light on this murky world, aiming to bring transparency and help users dodge digital deception. Who knew fighting scams could be this enlightening?

Nevada’s cyberattack left state workers on paid leave and residents without licenses. The ransomware attack, triggered by a malware download, cost millions to fix. Despite the chaos, Nevada didn’t pay the ransom. Cybersecurity experts say the response was quick, but suggest the state should’ve been more prepared.

Hyundai AutoEver America reveals a data breach after hackers waltzed into its systems. The cyber-intrusion tango began on February 22 and ended on March 2, raising questions about whether sensitive information did the cha-cha out the door. Hyundai AutoEver’s data breach might be small in numbers, but it’s big on mystery!

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to hide Linux VMs and evade EDR tools, deploying custom malware undetected. Researchers uncovered advanced virtualization misuse, revealing a stealthy operation that bypasses traditional security measures. This cyber caper proves even hackers love a good virtual disguise!

Nikkei has fessed up to a data breach where hackers sauntered into its Slack, exposing personal info of over 17,000 folks. Blame goes to malware hitching a ride on an employee’s device, allowing attackers to nab Slack credentials. It’s a stark reminder: your digital watercooler might just be eavesdropping!

Cisco announced patches for nearly a dozen vulnerabilities, including two critical flaws in Cisco Unified Contact Center Express. These bugs, with scores of 9.8 and 9.4, could allow remote code execution. So, if you’re looking to prevent unscheduled command performances on your systems, updating might be a wise move.

ChatGPT may be spilling the beans! Researchers found seven vulnerabilities that let attackers extract private info from users. From sneaky prompts in blog comments to zero-click attacks, these flaws expose millions to risks. OpenAI’s chatbot seems to have more leaks than a rusty old boat. Stay alert, folks!

Russian hacker group Sandworm’s data-wiping spree in Ukraine targets crucial sectors like grain production. Unlike ransomware, these attacks purely sabotage, erasing data irrecoverably. With Ukraine’s grain exports being vital, this strategy aims to cripple its economy. ESET highlights these destructive operations as a continuous threat, urging strong defenses to counteract such malware.

SonicWall has revealed that a state-sponsored threat actor was behind the September hack where firewall configuration files were swiped from its cloud backup service. The stolen files contain encrypted credentials, posing a risk for targeted attacks. SonicWall customers are advised to immediately secure their devices.

Google has unveiled a new type of AI-powered malware using large language models (LLMs) to generate malicious scripts on demand. Dubbed PromptFlux and PromptSteal, these malware families dynamically mutate, making traditional detection methods as effective as a chocolate teapot in a heatwave.

Google Cloud Security warns Europe to brace for cyber-physical attacks in 2026, with state actors like Russia and China targeting infrastructure. Expect cyber espionage and hybrid warfare, with non-state actors eyeing supply chains. Meanwhile, AI-powered cybercrime is set to become the industry’s new normal. Hold on to your firewalls, folks, it’s going to be a…

Curly COMrades, the digital mischief-makers, have embraced virtualization to dodge security like pros. They’re using Hyper-V to run a sneaky lightweight Alpine Linux VM. Their secret weapons? CurlyShell and CurlCat – malware siblings that are like the Laurel and Hardy of cyber trickery, executing commands and tunneling traffic with comedic precision.

SonicWall has accused state-sponsored threat actors of a breach exposing firewall configuration backups. Despite this, their products and firmware remain unaffected. The company is committed to strengthening security, while customers are urged to check their devices and reset credentials if needed. SonicWall stands ready against nation-state-backed threat actors targeting edge security providers.

Nikkei Inc. experienced a network breach through a stolen Slack account, affecting over 17,000 individuals. This incident, starting with malware, highlights the rising threat of using stolen data as leverage. Nikkei, renowned for its publications, assured that journalistic information was safe, but the saga serves as a cybersecurity wake-up call.

Nikkei Inc. suffered a data breach exposing 17,368 Slack accounts due to a single compromised account. The Japanese media giant, owner of the Financial Times, is no stranger to cyberattacks, having lost $29 million in a previous email scam. So much for “slacking” on security!

CISA is urging a sprint, not a marathon, to patch a CentOS Web Panel flaw that could let hackers play puppet master with your server. Federal agencies have until November 25 to update or bid farewell to the software. This vulnerability is so widespread, it’s practically the new pumpkin spice of cybersecurity threats!

Zohran Mamdani has inherited more than just the mayoral seat of New York City; he’s inherited the NYPD’s sprawling surveillance state. As Mamdani gears up to tackle affordability, he faces the daunting task of navigating the NYPD’s vast intelligence operations, which some liken to those of a US intelligence agency.

Google’s second attempt to acquire Wiz is going better than the first, with the Department of Justice clearing the $32 billion deal. This is Google’s largest-ever acquisition. While securing multicloud security solutions is a milestone, Rappaport notes it’s just a step on the journey between signing and closing.

SonicWall’s September security breach was the work of state-sponsored hackers, but their products remain unscathed. Mandiant confirmed the attack was limited to cloud backup files. SonicWall swiftly urged customers to reset credentials to protect their firewalls. Meanwhile, unrelated mischief-makers continue targeting SonicWall accounts, proving hackers have a knack for bad timing.

The University of Pennsylvania has confirmed a cyberattack where hackers breached their systems using social engineering, stealing 1.71 GB of internal documents and a donor database. Despite the university’s swift response, hackers still sent an offensive email to 700,000 recipients. The FBI and CrowdStrike are investigating.