Buffclue

In a significant cyberattack, Twilio, a prominent communication service provider, has suffered a breach leading to the leak of 12,000 sensitive call records. These exposed records include customer conversations, call metadata, timestamps, and other private details, now reportedly circulating on the dark web. This incident underscores the growing threat communication platforms face in today’s digital […]

Dell Technologies has reportedly experienced two data breaches since Thursday, compromising over 3.5GB of data from more than 10,000 employees. A hacker known as “grep” claimed responsibility for the first breach, posting a sample of the stolen data on BreachForums and offering the full dataset for just 1 BreachForums credit, equivalent to approximately $0.30. “During

Mastercard has agreed to acquire the cybersecurity firm Recorded Future for $2.65 billion from Insight Partners. Recorded Future, based in Boston, serves 1,900 clients across 75 countries and generates around $300 million in annual revenue. The acquisition is expected to strengthen Mastercard’s cybersecurity capabilities, building on their existing partnership, which uses AI to help banks

IntelBroker claimed responsibility for leaking Deloitte’s internal communications. The breach occurred in September 2024, due to an exposed Apache Solr server with default login credentials, enabling unauthorized access. The compromised data includes email addresses, internal settings, and intranet communications. IntelBroker is linked to the BreachForums community, a hub for trading stolen data and hacking tools,

In a shocking privacy breach, customer data, including sensitive medical records from India’s largest health insurer, Star Health, has been made publicly accessible through Telegram chatbots, according to a report by Reuters. This incident follows allegations against Telegram’s founder for enabling criminal activities on the platform. A security researcher informed Reuters about a user, known

In today’s rapidly evolving threat landscape, the very tools designed to protect your organization may turn into liabilities if not properly managed. Recent incidents have demonstrated that attackers are increasingly exploiting endpoint detection and response (EDR) agents to gain unauthorized access, manipulate systems, and disable defenses. Even worse, some security tools are being hijacked to

A recent performance issue with CrowdStrike’s Falcon platform has raised alarms among customers relying on its real-time cybersecurity capabilities. For approximately 13 hours, the disruption affected critical services such as data retrieval and cloud stability. Although CrowdStrike promptly resolved the issue, it has led to concerns about the reliability of essential security solutions. Key Highlights:

A new scam is making the rounds, preying on Mac users searching for AppleCare+ support. Scammers are buying Google ads that redirect users to fake AppleCare+ websites hosted on GitHub. These counterfeit sites mimic Apple’s branding, tricking visitors into calling a toll-free number where fraudsters attempt to steal financial and personal information. The scam is

Malware Name: Lumma Stealer is being spread via fake “fixes” posted in comments on GitHub projects. Method of Distribution: Cybercriminals are adding malicious comments in GitHub repositories, offering solutions that lead to downloading malware-packed files. Initial Report: The campaign was first flagged by a contributor to the Teloxide Rust library, who encountered multiple fake comments.

A newly discovered malware, “Voldemort” (aptly named after the infamous villain), is making headlines with a terrifyingly simple yet effective strategy: it uses Google Sheets to siphon off stolen data. By avoiding the complexity of setting up dedicated servers, hackers are turning Google Sheets into a command-and-control center, slipping past traditional security measures. To make