Tag: bleepingcomputer

Salesforce refuses to pay ransom over widespread data theft attacks Salesforce has confirmed that it will not negotiate with or pay a ransom to the threat actors behind a massive wave of data theft attacks that impacted the company’s customers this year. […] Lawrence Abrams Go to bleepingcomputer

Docker makes Hardened Images Catalog affordable for small businesses The Docker team has announced unlimited access to its Hardened Images catalog to make access to secure software bundles affordable for all development teams at startups and SMBs. […] Bill Toulas Go to bleepingcomputer

DraftKings warns of account breaches in credential stuffing attacks Sports betting giant DraftKings has notified an undisclosed number of customers that their accounts had been hacked in a recent wave of credential stuffing attacks. […] Sergiu Gatlan Go to bleepingcomputer

Clop exploited Oracle zero-day for data theft since early August The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike. […] Sergiu Gatlan Go to bleepingcomputer

Red Hat data breach escalates as ShinyHunters joins extortion Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports (CERs) leaked on their data leak site. […] Lawrence Abrams Go to bleepingcomputer

Oracle patches EBS zero-day exploited in Clop data theft attacks Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. […] Lawrence Abrams Go to bleepingcomputer

Hackers exploited Zimbra flaw as zero-day using iCalendar files Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in zero-day attacks at the beginning of the year. […] Bill Toulas Go to bleepingcomputer

Signal adds new cryptographic defense against quantum attacks Signal announced the introduction of Sparse Post-Quantum Ratchet (SPQR), a new cryptographic component designed to withstand quantum computing threats. […] Bill Toulas Go to bleepingcomputer

Renault and Dacia UK warn of data breach impacting customers Customers of Renault and Dacia in the United Kingdom have been notified that sensitive information they shared with the car maker was compromised following a data breach at a third-party provider. […] Bill Toulas Go to bleepingcomputer

Japanese beer giant Asahi confirms ransomware attack Japanese beer-making giant Asahi has disclosed today that a ransomware attack caused the IT disruptions that forced it to shut down factories this week. […] Sergiu Gatlan Go to bleepingcomputer

ShinyHunters launches Salesforce data leak site to extort 39 victims An extortion group has launched a new data leak site to publicly extort dozens of companies impacted by a wave of Salesforce breaches, leaking samples of data stolen in the attacks. […] Sergiu Gatlan Go to bleepingcomputer

HackerOne paid $81 million in bug bounties over the past year Bug bounty platform HackerOne announced that it paid out $81 million in rewards to white-hat hackers worldwide over the past 12 months. […] Sergiu Gatlan Go to bleepingcomputer

Clop extortion emails claim theft of Oracle E-Business Suite data Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems […] Lawrence Abrams Go to bleepingcomputer

Data breach at dealership software provider impacts 766k clients A ransomware attack at Motility Software Solutions, a provider of dealer management software (DMS), has exposed the sensitive data of 766,000 customers. […] Bill Toulas Go to bleepingcomputer

Adobe Analytics bug leaked customer tracking data to other tenants Adobe is warning its Analytics customers that an ingestion bug caused data from some organizations to appear in the analytics instances of others for approximately one day. […] Lawrence Abrams Go to bleepingcomputer

New MatrixPDF toolkit turns PDFs into phishing and malware lures A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads. […] Lawrence Abrams Go to bleepingcomputer

WestJet confirms recent breach exposed customers’ passports Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. […] Bill Toulas Go to bleepingcomputer

UK convicts “Bitcoin Queen” in world’s largest cryptocurrency seizure The Metropolitan Police has secured a conviction in what is believed to be the world’s largest cryptocurrency seizure, valued at more than £5.5 billion ($7.3 billion). […] Lawrence Abrams Go to bleepingcomputer

Japan’s largest brewer suspends operations due to cyberattack Asahi Group Holdings, Ltd (Asahi), the brewer of Japan’s top-selling beer, has disclosed a cyberattack that disrupted several of its operations. […] Bill Toulas Go to bleepingcomputer

Ransomware gang sought BBC reporter’s help in hacking media giant Threat actors claiming to represent the Medusa ransomware gang tempted a BBC correspondent to become an insider threat by offering a significant amount of money. […] Bill Toulas Go to bleepingcomputer

UK govt backs JLR with £1.5 billion loan guarantee after cyberattack The UK Government is providing Jaguar Land Rover (JLR) with a £1.5 billion loan guarantee to restore its supply chain after a catastrophic cyberattack forced the automaker to halt production. […] Lawrence Abrams Go to bleepingcomputer

Akira ransomware breaching MFA-protected SonicWall VPN accounts Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully logging in despite OTP MFA being enabled on accounts. Researchers suspect that this may be achieved through the use of previously stolen OTP seeds, although the exact method…

Fake Microsoft Teams installers push Oyster malware via malvertising Hackers have been spotted using SEO poisoning and search engine advertisements to promote fake Microsoft Teams installers that infect Windows devices with the Oyster backdoor, providing initial access to corporate networks. […] Lawrence Abrams Go to bleepingcomputer

Dutch teens arrested for trying to spy on Europol for Russia Two Dutch teenage boys aged 17, reportedly used hacking devices to spy for Russia, have been arrested by the Politie on Monday. […] Bill Toulas Go to bleepingcomputer

The hidden cyber risks of deploying generative AI Generative AI can boost productivity—but without safeguards, it also opens the door to phishing, fraud & model manipulation. Learn more from Acronis TRU on why AI security must be built in from the start. […] Sponsored by Acronis Go to bleepingcomputer

Co-op says it lost $107 million after Scattered Spider attack The Co-operative Group in the U.K. released its interim financial results report for the first half of 2025 with a massive loss in operating profit of £80 million ($107 million) due to the cyberattack it suffered last April. […] Bill Toulas Go to bleepingcomputer

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. […] Sergiu Gatlan Go to bleepingcomputer

Cisco warns of ASA firewall zero-days exploited in attacks Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company’s firewall software. […] Sergiu Gatlan Go to bleepingcomputer

New Supermicro BMC flaws can create persistent backdoors Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images. […] Bill Toulas Go to bleepingcomputer

Kali Linux 2025.3 released with 10 new tools, Wi-Fi enhancements Kali Linux has released version 2025.3, the third version of 2025, featuring ten new tools, Nexmon support, and NetHunter improvements. […] Lawrence Abrams Go to bleepingcomputer

Cisco warns of IOS zero-day vulnerability exploited in attacks Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is currently being exploited in attacks. […] Sergiu Gatlan Go to bleepingcomputer

Boyd Gaming discloses data breach after suffering a cyberattack US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals. […] Lawrence Abrams Go to bleepingcomputer

Libraesva ESG issues emergency fix for bug exploited by state hackers Libraesva rolled out an emergency update for its Email Security Gateway solution to fix a vulnerability exploited by threat actors believed to be state sponsored. […] Bill Toulas Go to bleepingcomputer

WhatsApp adds message translation to iPhone and Android apps WhatsApp has started rolling out a new translation feature that enables Android and iPhone users to translate messages in chats, groups, and channel updates. […] Sergiu Gatlan Go to bleepingcomputer

Cloudflare mitigates new record-breaking 22.2 Tbps DDoS attack Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps). […] Bill Toulas Go to bleepingcomputer

CISA says hackers breached federal agency using GeoServer exploit CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. […] Sergiu Gatlan Go to bleepingcomputer

Airport disruptions in Europe caused by a ransomware attack The disruptions over the weekend at several major European airports were caused by a ransomware attack targeting the check-in and boarding systems. […] Ionut Ilascu Go to bleepingcomputer

American Archive of Public Broadcasting fixes bug exposing restricted media ​A vulnerability in the American Archive of Public Broadcasting’s website allowed downloading of protected and private media for years, with the flaw quietly patched this month. […] Bill Toulas Go to bleepingcomputer

Automaker giant Stellantis confirms data breach after Salesforce hack Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers’ data after gaining access to a third-party service provider’s platform. […] Sergiu Gatlan Go to bleepingcomputer

New EDR-Freeze tool uses Windows WER to suspend security software A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft’s Windows Error Reporting (WER) system. […] Bill Toulas Go to bleepingcomputer

Microsoft Entra ID flaw allowed hijacking any company’s tenant A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. […] Ionut Ilascu Go to bleepingcomputer

FBI warns of cybercriminals using fake FBI crime reporting portals The FBI warned today that cybercriminals are impersonating its Internet Crime Complaint Center (IC3) website in what the law enforcement agency described as “possible malicious activity.” […] Sergiu Gatlan Go to bleepingcomputer

CISA exposes malware kits deployed in Ivanti EPMM attacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). […] Ionut Ilascu Go to bleepingcomputer

Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT’s License Servlet that can be exploited in command injection attacks. […] Sergiu Gatlan Go to bleepingcomputer

Known. Emerging. Unstoppable? Ransomware Attacks Still Evade Defenses Ransomware remains one of the most destructive threats—because defenses keep failing. Picus Blue Report 2025 shows prevention dropped to 62%, while data exfiltration prevention collapsed to just 3%. […] Sponsored by Picus Security Go to bleepingcomputer

UK arrests ‘Scattered Spider’ teens linked to Transport for London hack Two teenagers, believed to be linked to the August 2024 cyberattack on Transport for London, have been arrested in the United Kingdom. […] Sergiu Gatlan Go to bleepingcomputer

SystemBC malware turns infected VPS systems into proxy highway The operators of the SystemBC proxy botnet are hunting for vulnerable commercial virtual private servers (VPS) and maintain an average of 1,500 bots every day that provide a highway for malicious traffic. […] Ionut Ilascu Go to bleepingcomputer

Target-rich environment: Why Microsoft 365 has become the biggest risk Microsoft 365’s dominance and tight integration makes it a massive target in today’s cyber landscape. Its tight integration expands the attack surface and amplifies risk. Learn from Acronis TRU why backup blind spots & lateral movement risks demand stronger defenses. […] Sponsored by Acronis Go…

WatchGuard warns of critical vulnerability in Firebox firewalls WatchGuard has released security updates to address a remote code execution vulnerability impacting the company’s Firebox firewalls. […] Sergiu Gatlan Go to bleepingcomputer

Google patches sixth Chrome zero-day exploited in attacks this year Google has released emergency security updates to patch a Chrome zero-day vulnerability, the sixth one tagged as exploited in attacks since the start of the year. […] Sergiu Gatlan Go to bleepingcomputer

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. […] Lawrence Abrams Go to bleepingcomputer

VC giant Insight Partners warns thousands after ransomware breach New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack. […] Sergiu Gatlan Go to bleepingcomputer

SonicWall warns customers to reset credentials after breach SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts. […] Sergiu Gatlan Go to bleepingcomputer

BreachForums hacking forum admin resentenced to three years in prison Conor Brian Fitzpatrick, the 22-year-old behind the notorious BreachForums hacking forum, was resentenced today to three years in prison after a federal appeals court overturned his prior sentence of time served and 20 years of supervised release. […] Lawrence Abrams Go to bleepingcomputer

Self-propagating supply chain attack hits 187 npm packages Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed ‘Shai-Hulud’ started yesterday with the compromise of the @ctrl/tinycolor npm package, and has now expanded to CrowdStrike’s npm namespace. […] Ax Sharma Go to bleepingcomputer

Google nukes 224 Android malware apps behind massive ad fraud campaign A massive Android ad fraud operation dubbed “SlopAds” was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per day. […] Lawrence Abrams Go to bleepingcomputer

FinWise insider breach impacts 689K American First Finance customers FinWise Bank is warning on behalf of corporate customers that it suffered a data breach after a former employee accessed sensitive files after the end of their employment. […] Lawrence Abrams Go to bleepingcomputer

New Phoenix attack bypasses Rowhammer defenses in DDR5 memory Academic researchers have devised a new variant of Rowhammer attacks that bypass the latest protection mechanisms on DDR5 memory chips from SK Hynix. […] Ionut Ilascu Go to bleepingcomputer