Notícias 

Noteworthy stories that might have slipped under the radar: former Disney employee sent to prison for hacking, MITRE releases ATT&CK v17, DDoS botnet powered by 1.3 million devices. The post In Other News: Prison for Disney Hacker, MITRE ATT&CK v17, Massive DDoS Botnet appeared first on SecurityWeek.

Blue Shield of California, a nonprofit health insurance provider, is making headlines this week after revealing that its members' personal data was compromised in a breach that may have been caused by a misconfiguration or insider threat. Over 4.7 million members are affected, with sensitive data fraudulently accessed by the Google Ads platform. According to […] The post Blue Shield of California Faces Data Breach Amid Misconfigured Access to Google Ads Platform first appeared on Cybersecurity Insiders. The post Blue Shield of California Faces Data Breach Amid Misconfigured Access to Google Ads Platform appeared first on Cybersecurity Insiders.

Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability. The post SAP zero-day vulnerability under widespread active exploitation appeared first on CyberScoop.

When we think about vishing (voice phishing), the usual suspects come to mind: fake refund scams impersonating Norton, PayPal, or Geek Squad. The post New Spin on Vishing: Attackers Are Now Targeting Healthcare Appointments appeared first on Security Boulevard.

A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors

Don't say 'spyware'—21 million screenshots in one open bucket. The post 200,000 Workers' PII at Risk in WorkComposer S3 SNAFU appeared first on Security Boulevard.

The North Korean hackers behind the Contagious Interview worker scam, which threat intelligence analysts have followed since late 2023, are now hiding behind three bogus crypto companies they created as fronts for their info- and crypto-stealing operations. The post North Korean Group Creates Fake Crypto Firms in Job Complex Scam appeared first on Security Boulevard.

Discover how proper secure coding practices can prevent costly data breaches and vulnerabilities. This comprehensive guide covers essential security principles, OWASP Top 10 mitigations, and language-specific techniques that every developer needs to implement in their SDLC. The post Secure Coding Practices Guide: Principles, Vulnerabilities, and Verification appeared first on Security Boulevard.

Insight No. 1 — Fast code, slow security? Think ADR Consider the scenario: Development teams are pushing code at unprecedented speeds, and vulnerabilities, whether human or AI-generated, are lingering far too long. What's the logical outcome? Increased exploitation in your production environment. The strategic imperative is clear: We must implement robust detection and response capabilities within production itself. Application Detection and Response (ADR) offers a vital solution to this escalating risk. The post Cybersecurity Insights with Contrast CISO David Lindner | 04/25/25 appeared first on Security Boulevard.

A zero-day in SAP NetWeaver is potentially being exploited, putting thousands of internet-facing applications at risk. Researchers warn that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score of 10/10), in SAP NetWeaver is potentially being exploited. Thousands of internet-facing applications are potentially at risk. The flaw in SAP NetWeaver Visual Composer Metadata Uploader stems from a lack […]