Critical flaw in wolfSSL library enables forged certificate use
A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm or its size when checking Elliptic Curve…
Category: Bleeping Computer
European Gym giant Basic-Fit data breach affects 1 million members
Dutch fitness giant Basic-Fit announced that hackers breached its systems and gained access to information belonging to a million of its customers. The company operates…
Stolen Rockstar Games analytics data leaked by extortion gang
Rockstar Games has suffered a data breach linked to a recent security incident at Anodot, with the ShinyHunters extortion gang now leaking the stolen data…
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that has been exploited in zero-day attacks since at least…
Critical Marimo pre-auth RCE flaw now under active exploitation
Hackers started exploiting a critical vulnerability in the Marimo open-source reactive Python notebook platform just 10 hours after its public disclosure. The flaw allows remote…
Webinar: From noise to signal
Cyberattacks rarely come out of nowhere—threat actors often leave behind signals long before an intrusion begins. On Thursday, April 30, 2026 at 2:00 PM ET,…
When attackers already have the keys, MFA is just another door to open
The Figure breach exposed 967,200 email records without a single exploit. Understanding what that enables — and why your MFA cannot contain it — is…
Google Chrome adds infostealer protection against session cookie theft
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. macOS…
Over 20,000 crypto fraud victims identified in international crackdown
An international law enforcement action led by the U.K.’s National Crime Agency (NCA) has identified over 20,000 victims of cryptocurrency fraud across Canada, the United…
Canadian employees targeted in payroll pirate attacks
A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll redirection (also known as payroll…
ChatGPT rolls out new $100 Pro subscription to challenge Claude
OpenAI has rolled out a new Pro subscription that costs $100 and is in line with Claude’s pricing, which also has a $100 subscription, in…
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular…