Cybersecurity firm GreyNoise Labs has released a new, free web-based tool called GreyNoise IP Check that allows any user to instantly determine if their home or business Internet Protocol (IP) address has been observed participating in global malicious scanning activity. The launch addresses a growing problem: the silent compromise of residential networks, turning everyday home computers, routers, and IoT devices into nodes for large-scale cybercrime operations, such as botne

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory warning that state-backed and sophisticated criminal threat actors are actively leveraging commercial-grade spyware to compromise mobile devices belonging to users of encrypted messaging apps like Signal and WhatsApp. The advisory stresses that hackers are not breaking the apps' end-to-end encryption. Instead, they’re installing spyware directly onto the victim's smartphone, allowin

A team of IT security researchers from the University of Vienna and SBA Research has uncovered a severe privacy flaw in WhatsApp that allowed them to successfully enumerate and map the profiles of 3.5 billion active user accounts. That’s virtually the entire global user base. The flaw exploited a weakness in WhatsApp's contact discovery API, the mechanism designed to help users find which of their phone book contacts are also on the platform. The researchers demonstrated that

Atlassian, GitLab, LinkedIn, Verizon Among Firms Targeted as Hackers Exploit Third-Party App Connections and Stolen OAuth Tokens The digital supply chain has suffered another massive breach, as a third-party application connected to Salesforce was compromised, resulting in unauthorized access to data from over 200 customer instances. The breach, traced to the Gainsight platform, has impacted a wide range of high-profile companies, including Atlassian, CrowdStrike, DocuSign, G

An international coalition of loaw enforcement agencies, coordinated by Europol and Eurojust, has dealt a significant strike against global cybercrime infrastructure in the latest phase of Operation Endgame. The sweep, which spanned 11 countries, successfully dismantled or disrupted the infrastructure of three major malware families that served as crucial "initial access" tools for ransomware groups and credential thieves worldwide. The operation, which concluded last week, r