Category: Bleeping Computer

Hundreds of fake Reddit sites push Lumma Stealer malware
23
Jan
2025

Hundreds of fake Reddit sites push Lumma Stealer malware

Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading…

QNAP
23
Jan
2025

QNAP fixes six Rsync vulnerabilities in NAS backup, recovery app

QNAP has fixed six rsync vulnerabilities that could let attackers gain remote code execution on unpatched Network Attached Storage (NAS)…

Ivanti
23
Jan
2025

Hackers still exploiting older Ivanti bugs to breach networks

CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since…

Brave Search now lets users ‘Rerank’ results from favorite sites
23
Jan
2025

Brave Search now lets users ‘Rerank’ results from favorite sites

Brave Search has introduced a new feature called Rerank, which allows users to define search results ordering preferences and set…

J-magic backdoor vets reply before giving access to enterprise Juniper routers
23
Jan
2025

Stealthy ‘Magic Packet’ malware targets Juniper VPN gateways

A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that…

SonicWall
23
Jan
2025

SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks

SonicWall is warning about a pre-authentication deserialization vulnerability in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), with…

Pwn2Own Tokyo
23
Jan
2025

Tesla EV charger hacked twice on second day of Pwn2Own Tokyo

​Security researchers hacked Tesla’s Wall Connector electric vehicle charger twice on the second day of the Pwn2Own Automotive 2025 hacking…

Wordpress
23
Jan
2025

Critical zero-days impact premium WordPress real estate plugins

The RealHome theme and the Easy Real Estate plugins for WordPress are vulnerable to two critical severity flaws that allow…

Cloudflare
23
Jan
2025

Cloudflare CDN flaw leaks user location data, even through secure chat apps

A security researcher discovered a flaw in Cloudflare’s content delivery network (CDN), which could expose a person’s general location by simply…

Telegram
23
Jan
2025

Telegram captcha tricks you into running malicious PowerShell scripts

Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that…

Cisco
22
Jan
2025

Cisco warns of denial of service flaw with PoC exploit code

Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. Tracked as…

Hacker in a school
22
Jan
2025

PowerSchool hacker claims they stole data of 62 million students

The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they stole the personal data of…