Category: Security

Toys “R” Us Canada warns customers’ info leaked in data breach Toys “R” Us Canada has sent notices of a data breach to customers informing them of a security incident where threat actors leaked customer records they had previously stolen from its systems. […] Bill Toulas Go to bleepingcomputer

Iranian hackers targeted over 100 govt orgs with Phoenix backdoor State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. […] Bill Toulas Go to bleepingcomputer

Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000 Security researchers collected $792,750 in cash after exploiting 56​​​​​​​ unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. […] Sergiu Gatlan Go to bleepingcomputer

Hackers exploiting critical “SessionReaper” flaw in Adobe Magento Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. […] Bill Toulas Go to bleepingcomputer

TARmageddon flaw in abandoned Rust library enables RCE attacks A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. […] Sergiu Gatlan Go to bleepingcomputer

Meta launches new anti-scam tools for WhatsApp and Messenger Meta has announced new tools to help WhatsApp and Messenger users protect themselves from potential scams and secure their accounts. […] Sergiu Gatlan Go to bleepingcomputer

Vidar Stealer 2.0 adds multi-threaded data theft, better evasion The operators of Vidar Stealer, one of the most successful malware-as-a-service (MaaS) operations of the past decade, have released a new major version to reflect massive improvements in the malware. […] Bill Toulas Go to bleepingcomputer

TP-Link warns of critical command injection flaw in Omada gateways TP-Link has made firmware updates available for a broad range of Omada gateway models to address four vulnerabilities, among which a critical pre-auth OS command injection. […] Bill Toulas Go to bleepingcomputer

CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. […] Lawrence Abrams Go to bleepingcomputer

Hackers exploit 34 zero-days on first day of Pwn2Own Ireland On the first day of Pwn2Own Ireland 2025, security researchers exploited 34 unique zero-days and collected $522,500 in cash awards. […] Sergiu Gatlan Go to bleepingcomputer

Retail giant Muji halts online sales after ransomware attack on supplier Japanese retail company Muji has taken offline its store due to a logistics outage caused by a ransomware attack at its delivery partner, Askul. […] Bill Toulas Go to bleepingcomputer

Over 75,000 WatchGuard security devices vulnerable to critical RCE Nearly 76,000 WatchGuard Firebox network security appliances are exposed on the public web and still vulnerable to a critical issue (CVE-2025-9242) that could allow a remote attacker to execute code without authentication. […] Bill Toulas Go to bleepingcomputer

ConnectWise fixes Automate bug allowing AiTM update attacks ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and modification. […] Bill Toulas Go to bleepingcomputer

American Airlines subsidiary Envoy confirms Oracle data theft attack Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site. […] Lawrence Abrams Go to bleepingcomputer

Europol dismantles SIM box operation renting numbers for cybercrime European law enforcement in an operation codenamed ‘SIMCARTEL’ has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5 million euros in losses. […] Bill Toulas Go to bleepingcomputer

Auction giant Sotheby’s says data breach exposed financial information Major international auction house Sotheby’s is notifying individuals of a data breach incident on its systems where threat actors stole sensitive information, including financial details. […] Bill Toulas Go to bleepingcomputer

Have I Been Pwned: Prosper data breach impacts 17.6 million accounts Hackers stole the personal information of over 17.6 million people after breaching the systems of financial services company Prosper. […] Sergiu Gatlan Go to bleepingcomputer

Hackers exploit Cisco SNMP flaw to deploy rootkit on switches Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access. […] Bill Toulas Go to bleepingcomputer

PowerSchool hacker gets sentenced to four years in prison 19-year-old college student Matthew D. Lane, from Worcester, Massachusetts, was sentenced to 4 years in prison for orchestrating a cyberattack on PowerSchool in December 2024 that resulted in a massive data breach. […] Sergiu Gatlan Go to bleepingcomputer

Fake LastPass, Bitwarden breach alerts lead to PC hijacks An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. […] Bill Toulas Go to bleepingcomputer

F5 releases BIG-IP patches for stolen security vulnerabilities Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. […] Sergiu Gatlan Go to bleepingcomputer

Malicious crypto-stealing VSCode extensions resurface on OpenVSX A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft’s Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors. […] Bill Toulas Go to bleepingcomputer

Massive multi-country botnet targets RDP services in the US A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States from more than 100,000 IP addresses. […] Bill Toulas Go to bleepingcomputer

SonicWall VPN accounts breached using stolen creds in widespread attacks Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials. […] Bill Toulas Go to bleepingcomputer

Fake ‘Inflation Refund’ texts target New Yorkers in new scam An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer “Inflation Refunds” in an attempt to steal victims’ personal and financial data. […] Lawrence Abrams Go to bleepingcomputer

Hackers exploiting zero-day in Gladinet file sharing software Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. […] Bill Toulas Go to bleepingcomputer

Cybersecurity For Dummies, 3rd Edition eBook FREE for a Limited Time In today’s hyper-connected world, cyber threats are more sophisticated and frequent than ever – ransomware, data breaches, and social engineering scams, targeting everyone from individuals to Fortune 500 companies. Right now, you can grab “Cybersecurity For Dummies, 3rd Edition” – a $29.99 value –…

Apple now offers $2 million for zero-click RCE vulnerabilities Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and introducing a more transparent reward structure. […] Bill Toulas Go to bleepingcomputer

Hackers now use Velociraptor DFIR tool in ransomware attacks Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. […] Bill Toulas Go to bleepingcomputer

Hackers claim Discord breach exposed data of 5.5 million users Discord says they will not be negotiating with threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk support system instance, including government IDs and partial payment information for some people. […] Lawrence Abrams Go to bleepingcomputer

New FileFix attack uses cache smuggling to evade security software A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim’s system and bypassing security software. […] Lawrence Abrams Go to bleepingcomputer

Qilin ransomware claims Asahi brewery attack, leaks data The Qilin ransomware group has claimed responsibility for the attack at Japanese beer maker Asahi, adding the company to its extortion page on the dark web yesterday. […] Bill Toulas Go to bleepingcomputer

Salesforce refuses to pay ransom over widespread data theft attacks Salesforce has confirmed that it will not negotiate with or pay a ransom to the threat actors behind a massive wave of data theft attacks that impacted the company’s customers this year. […] Lawrence Abrams Go to bleepingcomputer

Docker makes Hardened Images Catalog affordable for small businesses The Docker team has announced unlimited access to its Hardened Images catalog to make access to secure software bundles affordable for all development teams at startups and SMBs. […] Bill Toulas Go to bleepingcomputer

DraftKings warns of account breaches in credential stuffing attacks Sports betting giant DraftKings has notified an undisclosed number of customers that their accounts had been hacked in a recent wave of credential stuffing attacks. […] Sergiu Gatlan Go to bleepingcomputer

Clop exploited Oracle zero-day for data theft since early August The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike. […] Sergiu Gatlan Go to bleepingcomputer

Red Hat data breach escalates as ShinyHunters joins extortion Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports (CERs) leaked on their data leak site. […] Lawrence Abrams Go to bleepingcomputer

Oracle patches EBS zero-day exploited in Clop data theft attacks Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. […] Lawrence Abrams Go to bleepingcomputer

Hackers exploited Zimbra flaw as zero-day using iCalendar files Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in zero-day attacks at the beginning of the year. […] Bill Toulas Go to bleepingcomputer

Signal adds new cryptographic defense against quantum attacks Signal announced the introduction of Sparse Post-Quantum Ratchet (SPQR), a new cryptographic component designed to withstand quantum computing threats. […] Bill Toulas Go to bleepingcomputer

Renault and Dacia UK warn of data breach impacting customers Customers of Renault and Dacia in the United Kingdom have been notified that sensitive information they shared with the car maker was compromised following a data breach at a third-party provider. […] Bill Toulas Go to bleepingcomputer

Japanese beer giant Asahi confirms ransomware attack Japanese beer-making giant Asahi has disclosed today that a ransomware attack caused the IT disruptions that forced it to shut down factories this week. […] Sergiu Gatlan Go to bleepingcomputer

ShinyHunters launches Salesforce data leak site to extort 39 victims An extortion group has launched a new data leak site to publicly extort dozens of companies impacted by a wave of Salesforce breaches, leaking samples of data stolen in the attacks. […] Sergiu Gatlan Go to bleepingcomputer

HackerOne paid $81 million in bug bounties over the past year Bug bounty platform HackerOne announced that it paid out $81 million in rewards to white-hat hackers worldwide over the past 12 months. […] Sergiu Gatlan Go to bleepingcomputer

Clop extortion emails claim theft of Oracle E-Business Suite data Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems […] Lawrence Abrams Go to bleepingcomputer

Data breach at dealership software provider impacts 766k clients A ransomware attack at Motility Software Solutions, a provider of dealer management software (DMS), has exposed the sensitive data of 766,000 customers. […] Bill Toulas Go to bleepingcomputer

Adobe Analytics bug leaked customer tracking data to other tenants Adobe is warning its Analytics customers that an ingestion bug caused data from some organizations to appear in the analytics instances of others for approximately one day. […] Lawrence Abrams Go to bleepingcomputer

New MatrixPDF toolkit turns PDFs into phishing and malware lures A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads. […] Lawrence Abrams Go to bleepingcomputer

WestJet confirms recent breach exposed customers’ passports Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. […] Bill Toulas Go to bleepingcomputer

UK convicts “Bitcoin Queen” in world’s largest cryptocurrency seizure The Metropolitan Police has secured a conviction in what is believed to be the world’s largest cryptocurrency seizure, valued at more than £5.5 billion ($7.3 billion). […] Lawrence Abrams Go to bleepingcomputer

Japan’s largest brewer suspends operations due to cyberattack Asahi Group Holdings, Ltd (Asahi), the brewer of Japan’s top-selling beer, has disclosed a cyberattack that disrupted several of its operations. […] Bill Toulas Go to bleepingcomputer

Ransomware gang sought BBC reporter’s help in hacking media giant Threat actors claiming to represent the Medusa ransomware gang tempted a BBC correspondent to become an insider threat by offering a significant amount of money. […] Bill Toulas Go to bleepingcomputer

UK govt backs JLR with £1.5 billion loan guarantee after cyberattack The UK Government is providing Jaguar Land Rover (JLR) with a £1.5 billion loan guarantee to restore its supply chain after a catastrophic cyberattack forced the automaker to halt production. […] Lawrence Abrams Go to bleepingcomputer

Akira ransomware breaching MFA-protected SonicWall VPN accounts Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully logging in despite OTP MFA being enabled on accounts. Researchers suspect that this may be achieved through the use of previously stolen OTP seeds, although the exact method…

Fake Microsoft Teams installers push Oyster malware via malvertising Hackers have been spotted using SEO poisoning and search engine advertisements to promote fake Microsoft Teams installers that infect Windows devices with the Oyster backdoor, providing initial access to corporate networks. […] Lawrence Abrams Go to bleepingcomputer

Dutch teens arrested for trying to spy on Europol for Russia Two Dutch teenage boys aged 17, reportedly used hacking devices to spy for Russia, have been arrested by the Politie on Monday. […] Bill Toulas Go to bleepingcomputer

The hidden cyber risks of deploying generative AI Generative AI can boost productivity—but without safeguards, it also opens the door to phishing, fraud & model manipulation. Learn more from Acronis TRU on why AI security must be built in from the start. […] Sponsored by Acronis Go to bleepingcomputer

Co-op says it lost $107 million after Scattered Spider attack The Co-operative Group in the U.K. released its interim financial results report for the first half of 2025 with a massive loss in operating profit of £80 million ($107 million) due to the cyberattack it suffered last April. […] Bill Toulas Go to bleepingcomputer

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. […] Sergiu Gatlan Go to bleepingcomputer

Cisco warns of ASA firewall zero-days exploited in attacks Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company’s firewall software. […] Sergiu Gatlan Go to bleepingcomputer

New Supermicro BMC flaws can create persistent backdoors Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images. […] Bill Toulas Go to bleepingcomputer

Kali Linux 2025.3 released with 10 new tools, Wi-Fi enhancements Kali Linux has released version 2025.3, the third version of 2025, featuring ten new tools, Nexmon support, and NetHunter improvements. […] Lawrence Abrams Go to bleepingcomputer

Cisco warns of IOS zero-day vulnerability exploited in attacks Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is currently being exploited in attacks. […] Sergiu Gatlan Go to bleepingcomputer

Boyd Gaming discloses data breach after suffering a cyberattack US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals. […] Lawrence Abrams Go to bleepingcomputer

Libraesva ESG issues emergency fix for bug exploited by state hackers Libraesva rolled out an emergency update for its Email Security Gateway solution to fix a vulnerability exploited by threat actors believed to be state sponsored. […] Bill Toulas Go to bleepingcomputer

WhatsApp adds message translation to iPhone and Android apps WhatsApp has started rolling out a new translation feature that enables Android and iPhone users to translate messages in chats, groups, and channel updates. […] Sergiu Gatlan Go to bleepingcomputer

Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps). […] Bill Toulas Go to bleepingcomputer

CISA says hackers breached federal agency using GeoServer exploit CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. […] Sergiu Gatlan Go to bleepingcomputer

Airport disruptions in Europe caused by a ransomware attack The disruptions over the weekend at several major European airports were caused by a ransomware attack targeting the check-in and boarding systems. […] Ionut Ilascu Go to bleepingcomputer

American Archive of Public Broadcasting fixes bug exposing restricted media ​A vulnerability in the American Archive of Public Broadcasting’s website allowed downloading of protected and private media for years, with the flaw quietly patched this month. […] Bill Toulas Go to bleepingcomputer

Automaker giant Stellantis confirms data breach after Salesforce hack Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers’ data after gaining access to a third-party service provider’s platform. […] Sergiu Gatlan Go to bleepingcomputer

New EDR-Freeze tool uses Windows WER to suspend security software A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft’s Windows Error Reporting (WER) system. […] Bill Toulas Go to bleepingcomputer