Tag: bleepingcomputer

Lovense sex toy app flaw leaks private user email addresses The connected sex toy platform Lovense is vulnerable to a zero-day flaw that allows an attacker to get access to a member’s email address simply by knowing their username, putting them at risk of doxxing and harassment. […] Lawrence Abrams Go to bleepingcomputer

Tea app leak worsens with second database exposing user chats The Tea app data breach has grown into an even larger leak, with the stolen data now shared on hacking forums and a second database discovered that allegedly contains 1.1 million private messages exchanged between the app’s members. […] Lawrence Abrams Go to bleepingcomputer

Endgame Gear mouse config tool infected users with malware Gaming peripherals maker Endgame Gear is warning that malware was hidden in its configuration tool for the OP1w 4k v2 mouse hosted on the official website between June 26 and July 9, 2025. […] Bill Toulas Go to bleepingcomputer

Scattered Spider is running a VMware ESXi hacking spree Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors. […] Bill Toulas Go to bleepingcomputer

Allianz Life confirms data breach impacts majority of 1.4 million customers Insurance company Allianz Life has confirmed that the personal information for the “majority” of its 1.4 million customers was exposed in a data breach that occurred earlier this month. […] Lawrence Abrams Go to bleepingcomputer

Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. […] Bill Toulas Go to bleepingcomputer

The role of the cybersecurity PM in incident-driven development From PowerShell abuse to USB data theft, modern threats hit fast—and hard.vSee how security-minded PMs are responding with real-time controls, smarter policies, and tools like ThreatLocker Patch Management. […] Sponsored by ThreatLocker Go to bleepingcomputer

Woman gets 8 years for aiding North Koreans infiltrate 300 US firms Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies. […] Sergiu Gatlan Go to bleepingcomputer

BlackSuit ransomware extortion sites seized in Operation Checkmate Law enforcement has seized the dark web extortion sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years. […] Sergiu Gatlan Go to bleepingcomputer

Mitel warns of critical MiVoice MX-ONE authentication bypass flaw Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. […] Sergiu Gatlan Go to bleepingcomputer

Lumma infostealer malware returns after law enforcement disruption The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure. […] Bill Toulas Go to bleepingcomputer

Coyote malware abuses Windows accessibility framework for data theft A new variant of the banking trojan ‘Coyote’ has begun abusing a Windows accessibility feature, Microsoft’s UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft. […] Bill Toulas Go to bleepingcomputer

CISA and FBI warn of escalating Interlock ransomware attacks CISA and the FBI warned on Tuesday of increased Interlock ransomware activity targeting businesses and critical infrastructure organizations in double extortion attacks. […] Sergiu Gatlan Go to bleepingcomputer

Ring denies breach after users report suspicious logins Ring is warning that a backend update bug is responsible for customers seeing a surge in unauthorized devices logged into their account on May 28th. […] Bill Toulas Go to bleepingcomputer

Dior begins sending data breach notifications to U.S. customers The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. […] Bill Toulas Go to bleepingcomputer

HPE warns of hardcoded passwords in Aruba access points Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface. […] Bill Toulas Go to bleepingcomputer

Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. […] Lawrence Abrams Go to bleepingcomputer

Popular npm linter packages hijacked via phishing to drop malware Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. […] Ax Sharma Go to bleepingcomputer

New CrushFTP zero-day exploited in attacks to hijack servers CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. […] Lawrence Abrams Go to bleepingcomputer

UK ties GRU to stealthy Microsoft 365 credential-stealing malware The UK National Cyber Security Centre (NCSC) has formally attributed ‘Authentic Antics’ espionage malware attacks to APT28 (Fancy Bear), threat actor already linked to Russia’s military intelligence service (GRU). […] Bill Toulas Go to bleepingcomputer

Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed “CitrixBleed 2,” was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. […] Lawrence Abrams Go to bleepingcomputer

VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. […] Lawrence Abrams Go to bleepingcomputer

Microsoft Teams voice calls abused to push Matanbuchus malware The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk. […] Bill Toulas Go to bleepingcomputer

Co-op confirms data of 6.5 million members stolen in cyberattack UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and caused food shortages in its grocery stores. […] Lawrence Abrams Go to bleepingcomputer

Louis Vuitton says regional data breaches tied to same cyberattack Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident, which is believed to be linked to the ShinyHunters extortion group. […] Lawrence Abrams Go to bleepingcomputer

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. […] Bill Toulas Go to bleepingcomputer

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances. […] Ionut Ilascu Go to bleepingcomputer

Abacus dark web drug market goes offline in suspected exit scam Abacus Market, the largest Western darknet marketplace supporting Bitcoin payments, has shut down its public infrastructure in a move suspected to be an exit scam. […] Bill Toulas Go to bleepingcomputer

North Korean XORIndex malware hidden in 67 malicious npm packages North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. […] Bill Toulas Go to bleepingcomputer

UK launches vulnerability research program for external experts UK’s National Cyber Security Centre (NCSC) has announced a new Vulnerability Research Initiative (VRI) that aims to strengthen relations with external cybersecurity experts. […] Bill Toulas Go to bleepingcomputer

Interlock ransomware adopts FileFix method to deliver malware Hackers have adopted the new technique called ‘FileFix’ in Interlock ransomware attacks to drop a remote access trojan (RAT) on targeted systems. […] Bill Toulas Go to bleepingcomputer

Malicious VSCode extension in Cursor IDE led to $500K crypto theft A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one case, led to the theft of $500,000 in cryptocurrency from a Russian crypto developer. […] Lawrence Abrams Go to bleepingcomputer

Hackers are exploiting critical RCE flaw in Wing FTP Server Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. […] Bill Toulas Go to bleepingcomputer

‘123456’ password exposed chats for 64 million McDonald’s job chatbot applications Cybersecurity researchers discovered a vulnerability in McHire, McDonald’s chatbot job application platform, that exposed the chats of more than 64 million job applications across the United States. […] Lawrence Abrams Go to bleepingcomputer

‘123456’ password exposed chats for 64 million McDonald’s job applicants Cybersecurity researchers discovered a vulnerability in McHire, McDonald’s chatbot job application platform, that exposed the chats of more than 64 million job applicants across the United States. […] Lawrence Abrams Go to bleepingcomputer

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. […] Lawrence Abrams Go to bleepingcomputer

WordPress Gravity Forms developer hacked to push backdoored plugins The popular WordPress plugin Gravity Forms has been compromised in what seems a supply-chain attack where manual installers from the official website were infected with a backdoor. […] Bill Toulas Go to bleepingcomputer

The zero-day that could’ve compromised every Cursor and Windsurf user Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could’ve let attackers hijack millions of dev machines via an extension supply chain attack. The zero-day threat’s been patched—but the wake-up call is clear: extensions are a new, massive supply chain risk. […] Sponsored…

Russian pro basketball player arrested for alleged role in ransomware attacks Russian professional basketball player Daniil Kasatkin was arrested in France at the request of the United States for allegedly acting as a negotiator for a ransomware gang. […] Lawrence Abrams Go to bleepingcomputer

PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements in vehicles from multiple vendors, including Mercedes-Benz AG, Volkswagen, and Skoda. […] Bill Toulas Go to bleepingcomputer

FBI’s CJIS demystified: Best practices for passwords, MFA & access control FBI’s Criminal Justice Information Services (CJIS) compliance isn’t optional when handling law enforcement data. From MFA to password hygiene, see how Specops Software helps meet FBI standards while also securing your Windows Active Directory. […] Sponsored by Specops Software Go to bleepingcomputer

Qantas confirms data breach impacts 5.7 million customers Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers’ data. […] Lawrence Abrams Go to bleepingcomputer

M&S confirms social engineering led to massive ransomware attack M&S confirmed today that the retail outlet’s network was initially breached in a “sophisticated impersonation attack” that ultimately led to a DragonForce ransomware attack. […] Lawrence Abrams Go to bleepingcomputer

Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which responsible for cyberattacks against American organizations and government agencies. […] Lawrence Abrams Go to bleepingcomputer

Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. […] Lawrence Abrams Go to bleepingcomputer

Atomic macOS infostealer adds backdoor for persistent attacks Malware analyst discovered a new version of the Atomic macOS info-stealer (also known as ‘AMOS’) that comes with a backdoor, to attackers persistent access to compromised systems. […] Bill Toulas Go to bleepingcomputer

Qantas is being extorted in recent data-theft cyberattack Qantas has confirmed that it is now being extorted by threat actors following a cyberattack that potentially exposed the data for 6 million customers. […] Lawrence Abrams Go to bleepingcomputer

Ingram Micro outage caused by SafePay ransomware attack An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. […] Lawrence Abrams Go to bleepingcomputer

Ingram Micro suffers global outage as internal systems inaccessible IT giant Ingram Micro is experiencing a global outage that is impacting its websites and internal systems, with customers concerned that it may be a cyberattack after the company remains silent on the cause of the issues. […] Lawrence Abrams Go to bleepingcomputer

Hacker leaks Telefónica data allegedly stolen in a new breach A hacker is threatening to leak 106GB of data allegedly stolen from Spanish telecommunications company Telefónica in a breach that the company did not acknowledge. […] Ionut Ilascu Go to bleepingcomputer