Category: Cybersecurity Alerts & Threat Warnings

The Biggest Telecom Breach You Haven’t Heard Enough About In one of the most significant cyber-espionage operations in history, a China-linked hacking group known as Salt Typhoon has been infiltrating global telecom networks — including major U.S. providers — for more than a year. While headlines focus on government agencies and massive corporations, the ripple…

A recent report uncovered a massive security flaw affecting millions of vehicles across multiple manufacturers, thanks to a remote exploit known as PerfektBlue. The attack targets over-the-air (OTA) firmware update systems and opens the door to full remote control of vulnerable vehicles — including brakes, steering, and drive controls — without physical access. This is…

Starting July 7, Google’s Gemini AI will begin scanning more of your digital life — including your emails, Docs, and Drive content — to improve its AI capabilities and provide “smarter suggestions.” What that really means: unless you opt out, your personal data is now fair game for AI training. This isn’t a conspiracy theory…

In a recent report by Wired, a string of suspicious login attempts has raised alarms across the cybersecurity world — and this time, it’s not your typical phishing scam. The findings suggest that unknown entities may have gained access to sensitive back-end tools at major social media platforms, including tools typically reserved for law enforcement…

Major Vulnerability Found in Cityworks Software — What Businesses Need to Know If your business uses Cityworks, a popular asset and work management platform used by public utilities and municipal governments, you’ll want to pay attention to this one. Cisco’s Talos Intelligence team recently disclosed a critical security vulnerability (CVE-2024-23897, also referenced as UAT-6382) that…

Most businesses assume that using Microsoft 365 and Entra ID (formerly Azure AD) means they’re secure by default. Unfortunately, that’s not the case—especially if legacy authentication protocols are still enabled. Attackers are increasingly exploiting these outdated methods to bypass modern defenses like MFA and conditional access. Legacy authentication includes older protocols like POP, IMAP, and…