Tag: bleepingcomputer

Grafana releases critical security update for Image Renderer plugin Grafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent. […] Bill Toulas Go to bleepingcomputer

IdeaLab confirms data stolen in ransomware attack last year IdeaLab is notifying individuals impacted by a data breach incident last October when hackers accessed sensitive information. […] Bill Toulas Go to bleepingcomputer

NimDoor crypto-theft macOS malware revives itself when killed North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations. […] Bill Toulas Go to bleepingcomputer

DOJ investigates ex-ransomware negotiator over extortion kickbacks An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. […] Lawrence Abrams Go to bleepingcomputer

Cisco warns that Unified CM has hardcoded root SSH credentials Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. […] Sergiu Gatlan Go to bleepingcomputer

Qantas discloses cyberattack amid Scattered Spider aviation breaches Australian airline Qantas disclosed that it detected a cyberattack on Monday after threat actors gained access to a third-party platform containing customer data. […] Lawrence Abrams Go to bleepingcomputer

Kelly Benefits says 2024 data breach impacts 550,000 customers Kelly & Associates Insurance Group (dba Kelly Benefits) is informing more than half a million people of a data breach that compromised their personal information. […] Bill Toulas Go to bleepingcomputer

Aeza Group sanctioned for hosting ransomware, infostealer servers The U.S. Department of the Treasury has sanctioned Russian hosting company Aeza Group and four operators for allegedly acting as a bulletproof hosting company for ransomware gangs, infostealer operations, darknet drug markets, and Russian disinformation campaigns. […] Lawrence Abrams Go to bleepingcomputer

U.S. warns of Iranian cyber threats on critical infrastructure U.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure. […] Lawrence Abrams Go to bleepingcomputer

Bluetooth flaws could let hackers spy through your microphone Vulnerabilities affecting a Bluetooth chipset present in more than two dozen audio devices from ten vendors can be exploited for eavesdropping or stealing sensitive information. […] Ionut Ilascu Go to bleepingcomputer

Let’s Encrypt ends certificate expiry emails to cut costs, boost privacy Let’s Encrypt has announced it will no longer notify users about imminent certificate expirations via email due to high costs, privacy concerns, and unnecessary complexities. […] Bill Toulas Go to bleepingcomputer

Scattered Spider hackers shift focus to aviation, transportation firms Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors […] Lawrence Abrams Go to bleepingcomputer

Citrix Bleed 2 flaw now believed to be exploited in attacks A critical NetScaler ADC and Gateway vulnerability dubbed “Citrix Bleed 2” (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices. […] Bill Toulas Go to bleepingcomputer

Retail giant Ahold Delhaize says data breach affects 2.2 million people Ahold Delhaize, one of the world’s largest food retail chains, is notifying over 2.2 million individuals that their personal, financial, and health information was stolen in a November ransomware attack that impacted its U.S. systems. […] Sergiu Gatlan Go to bleepingcomputer

Whole Foods supplier UNFI restores core systems after cyberattack American grocery wholesale giant United Natural Foods (UNFI) reports that it has restored its core systems and brought online the electronic ordering and invoicing systems affected by a cyberattack. […] Sergiu Gatlan Go to bleepingcomputer

Hawaiian Airlines discloses cyberattack, flights not affected Hawaiian Airlines, the tenth-largest commercial airline in the United States, is investigating a cyberattack that has disrupted access to some of its systems. […] Sergiu Gatlan Go to bleepingcomputer

CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks CISA says a maximum severity vulnerability in AMI’s MegaRAC Baseboard Management Controller (BMC) software, which enables attackers to hijack and brick servers, is currently under active exploitation. […] Sergiu Gatlan Go to bleepingcomputer

Hacker ‘IntelBroker’ charged in US for global data theft breaches A British national known online as “IntelBroker” has been charged by the U.S. for stealing and selling sensitive data from dozens of victims, causing an estimated $25 million in damages. […] Lawrence Abrams Go to bleepingcomputer

Hackers turn ScreenConnect into malware using Authenticode stuffing Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the client’s  Authenticode signature. […] Lawrence Abrams Go to bleepingcomputer

Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors to compromise organizations within the energy, oil, and gas sectors. […] Ionut Ilascu Go to bleepingcomputer

SonicWall warns of trojanized NetExtender stealing VPN logins SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials. […] Bill Toulas Go to bleepingcomputer

APT28 hackers use Signal chats to launch new malware attacks on Ukraine The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent. […] Bill Toulas Go to bleepingcomputer

US Homeland Security warns of escalating Iranian cyberattack risks The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists. […] Sergiu Gatlan Go to bleepingcomputer

Canada says Salt Typhoon hacked telecom firm via Cisco flaw The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored ‘Salt Typhoon’ hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February. […] Bill Toulas Go to bleepingcomputer

Revil ransomware members released after time served on carding charges Four REvil ransomware members arrested in January 2022 were released by Russia on time served after they pleaded guilty to carding and malware distribution charges. […] Sergiu Gatlan Go to bleepingcomputer

CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors’ crypto. […] Lawrence Abrams Go to bleepingcomputer

Russian hackers bypass Gmail MFA using stolen app passwords Russian hackers bypass multi-factor authentication and access Gmail accounts by leveraging app-specific passwords in advanced social engineering attacks that impersonate U.S. Department of State officials. […] Ionut Ilascu Go to bleepingcomputer

WordPress Motors theme flaw mass-exploited to hijack admin accounts Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme “Motors” to hijack administrator accounts and gain complete control of a targeted site. […] Bill Toulas Go to bleepingcomputer

Cloudflare blocks record 7.3 Tbps DDoS attack against hosting provider Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack in May 2025 that peaked at 7.3 Tbps, targeting a hosting provider. […] Bill Toulas Go to bleepingcomputer

Aflac discloses breach amidst Scattered Spider insurance attacks On Friday, American insurance giant Aflac disclosed that its systems were breached in a broader campaign targeting insurance companies across the United States by attackers who may have stolen personal and health information. […] Sergiu Gatlan Go to bleepingcomputer

Can users reset their own passwords without sacrificing security? Self-service password resets (SSPR) reduce helpdesk strain—but without strong security, they can open the door to attackers. Learn why phishing-resistant MFA, context-aware verification, and risk-based detection are critical to secure SSPR implementation. […] Sponsored by Specops Software Go to bleepingcomputer

No, the 16 billion credentials leak is not a new data breach News broke today of a “mother of all breaches,” sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. […] Lawrence Abrams…

Webinar: Stolen credentials are the new front door to your network Cybercriminals no longer need zero-days to breach your systems—these days, they just log in. Join BleepingComputer, SC Media, and Specops Software’s Darren Siegel on July 9 at 2:00 PM ET for a live webinar on how attackers are using stolen credentials to infiltrate networks…

Krispy Kreme says November data breach impacts over 160,000 people U.S. doughnut chain Krispy Kreme confirmed that attackers stole the personal information of over 160,000 individuals in a November 2024 cyberattack. […] Sergiu Gatlan Go to bleepingcomputer

Scania confirms insurance claim data breach in extortion attempt Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its systems and steal insurance claim documents. […] Bill Toulas Go to bleepingcomputer

Instagram ‘BMO’ ads use AI deepfakes to scam banking customers Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal information, while others drive…

Hackers switch to targeting U.S. insurance companies Threat intelligence researchers are warning of hackers breaching multiple U.S. companies in the insurance industry using all the tactics observed with Scattered Spider activity. […] Ionut Ilascu Go to bleepingcomputer

ASUS Armoury Crate bug lets attackers get Windows admin privileges A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines. […] Bill Toulas Go to bleepingcomputer

Washington Post’s email system hacked, journalists’ accounts compromised Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government. […] Bill Toulas Go to bleepingcomputer

Kali Linux 2025.2 released with 13 new tools, car hacking updates Kali Linux 2025.2, the second release of the year, is now available for download with 13 new tools and an expanded car hacking toolkit. […] Sergiu Gatlan Go to bleepingcomputer

Zoomcar discloses security breach impacting 8.4 million users Zoomcar Holdings (Zoomcar) has disclosed via an 8-K form filing with the U.S. Securities and Exchange Commission (SEC) a data breach incident impacting 8.4 million users. […] Bill Toulas Go to bleepingcomputer

Over 46,000 Grafana instances exposed to account takeover bug More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover. […] Bill Toulas Go to bleepingcomputer

WestJet investigates cyberattack disrupting internal systems WestJet, Canada’s second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach. […] Lawrence Abrams Go to bleepingcomputer

Anubis ransomware adds wiper to destroy files beyond recovery Bill Toulas Go to bleepingcomputer

Discord flaw lets hackers reuse expired invites in malware campaign Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware. […] Bill Toulas Go to bleepingcomputer

Victoria’s Secret restores critical systems after cyberattack Victoria’s Secret has restored all critical systems impacted by a May 24 security incident that forced it to shut down corporate systems and the e-commerce website. […] Sergiu Gatlan Go to bleepingcomputer

Trend Micro fixes critical vulnerabilities in multiple products Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. […] Bill Toulas Go to bleepingcomputer

Fog ransomware attack uses unusual mix of legitimate and open-source tools Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca. […] Bill Toulas Go to bleepingcomputer

SmartAttack uses smartwatches to steal data from air-gapped systems A new attack dubbed ‘SmartAttack’ uses smartwatches as a covert ultrasonic signal receiver to exfiltrate data from physically isolated (air-gapped) systems. […] Bill Toulas Go to bleepingcomputer

DanaBot malware operators exposed via C2 bug added in 2022 A vulnerability in the DanaBot malware operation introduced in June 2022 update led to the identification, indictment, and dismantling of their operations in a recent law enforcement action. […] Bill Toulas Go to bleepingcomputer