LastPass Issues Critical Warning For Users — Password Attacks Underway

The password attacks started on January 19, according to LastPass, which has now issued a critical warning to all users — ...

149 Million Usernames and Passwords Exposed by Unsecured Database

This “dream wish list for criminals” includes millions of Gmail, Facebook, banking logins, and more. The researcher who ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Decrypt

North Korea–Linked Hackers Use Deepfake Video Calls to Target Crypto Workers

Hackers are using AI-generated video calls to impersonate trusted contacts and trick crypto workers into installing malware.

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Match Group breach exposes data from Hinge, Tinder, OkCupid, and Match

Match Group, the owner of multiple popular online dating services, Tinder, Match.com, Meetic, OkCupid, and Hinge, confirmed a cybersecurity incident that compromised user data.