Bill Toulas
Author Bio
Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.
-
Cisco warns of max severity RCE flaws in Identity Services Engine
Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC).
- June 26, 2025
- 11:20 AM
-
0
-
New wave of ‘fake interviews’ use 35 npm packages to spread malware
A new wave of North Korea's 'Contagious Interview' campaign is targeting job seekers with malicious npm packages that infect dev's devices with infostealers and backdoors.
- June 25, 2025
- 03:24 PM
-
0
-
WinRAR patches bug letting malware launch from extracted archives
WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive.
- June 25, 2025
- 12:55 PM
-
0
-
New 'CitrixBleed 2' NetScaler flaw let hackers hijack sessions
A recent vulnerability in Citrix NetScaler ADC and Gateway is dubbed "CitrixBleed 2," after its similarity to an older exploited flaw that allowed unauthenticated attackers to hijack authentication session cookies from vulnerable devices.
- June 25, 2025
- 12:10 PM
-
0
-
BreachForums hacking forum operators reportedly arrested in France
The French police have reportedly arrested five operators of the BreachForum cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information of millions.
- June 25, 2025
- 10:25 AM
-
0
-
Google Cloud donates A2A AI protocol to the Linux Foundation
Google Cloud has donated its Agent2Agent (A2A) protocol to the Linux Foundation, which has now announced a new community-driven project called the Agent2Agent Project.
- June 24, 2025
- 05:34 PM
-
0
-
SonicWall warns of trojanized NetExtender stealing VPN logins
SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials.
- June 24, 2025
- 04:36 PM
-
0
-
Trezor’s support platform abused in crypto theft phishing attacks
Trezor is alerting users about a phishing campaign that abuses its automated support system to send deceptive emails from its official platform.
- June 24, 2025
- 12:54 PM
-
0
-
US House bans WhatsApp on staff devices over security concerns
The U.S. House of Representatives has banned the installation and use of WhatsApp on government-issued devices belonging to congressional staff, citing concerns over how the app encrypts and secures data.
- June 24, 2025
- 09:43 AM
-
2
-
APT28 hackers use Signal chats to launch new malware attacks on Ukraine
The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent.
- June 23, 2025
- 06:14 PM
-
0
-
Malware on Google Play, Apple App Store stole your photos—and crypto
A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices.
- June 23, 2025
- 12:44 PM
-
0
-
Canada says Salt Typhoon hacked telecom firm via Cisco flaw
The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February.
- June 23, 2025
- 11:23 AM
-
0
-
McLaren Health Care says data breach impacts 743,000 patients
McLaren Health Care is warning 743,000 patients that the health system suffered a data breach caused by a July 2024 attack by the INC ransomware gang.
- June 23, 2025
- 10:28 AM
-
2
-
Oxford City Council suffers breach exposing two decades of data
Oxford City Council warns it suffered a data breach where attackers accessed personally identifiable information from legacy systems.
- June 22, 2025
- 11:17 AM
-
0
-
WordPress Motors theme flaw mass-exploited to hijack admin accounts
Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme "Motors" to hijack administrator accounts and gain complete control of a targeted site.
- June 21, 2025
- 10:09 AM
-
0
0
