Security News Bundle

"Shopify denies it was hacked, links stolen data to third-party app."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 07 July 2024, 2131 UTC.

Content and Source: News Bundle.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (

Security News Bundle



Today marks the launch of the Security Affairs newsletter, specializing in Malware. This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best articles and research on malware. CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts Supply Chain Compromise Leads to Trojanized Installers for Notezilla, Rec
ChatGPT maker OpenAI was breached in 2023, but the company says source code and customer data were not accessed. The post appeared first on SecurityWeek .


The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Foundation has addressed multiple vulnerabilities in its popular Apache HTTP Server. The vulnerabilities include denial-of-service (DoS), remote code execution, and unauthorized access issues. One of these vulnerabilities is a critical source code dis


A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfi
Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped. Superintendent Eric Mackey, who disclosed the attack, said they are wo
Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereason researchers warn. The malware has evolved, resulting in several versions, with GootLoader 3 currently in use. Despite updates to the payload, the infection strategies and overall functionality have rem

JUL 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. The American newspaper revealed that the threat actors gained access to the internal discussions among researchers and other employees, but they did not access the source code of
Skin-sparing mastectomy and breast reconstruction scrapped as result of ransomware at supplier Exclusive The latest figures suggest that around 1,500 medical procedures have been canceled across some of London's biggest hospitals in the four weeks since Qilin's ransomware attack hit pathology services provider Synnovis. But perhaps no single person was affected as severely as Johanna Groothuizen.
The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, New Orleans, and Indianapolis. The threat actor dem
Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials. The stakes are high: ransomware attacks, lateral movement, and devastating data breaches. Don't be caught off guard. Join us for a groundbreaking webinar that will change the way you approach cybersecurity.
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020. The 840 Mpps DDoS attack is said to have been a combination of a TCP
Yahoo, Uber, SolarWinds — increasingly, the government is incentivizing better corporate security by punishing the individuals leading it. Is that a good idea? And how can security pros avoid ending up on the butt end of a lawsuit?


Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.