OKX suspends DEX aggregator after Lazarus hackers try to launder funds
OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the...
Read more →Category: Bleeping Computer
Supply chain attack on popular GitHub Action exposes CI/CD secrets
A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to...
Read more →
Critical RCE flaw in Apache Tomcat actively exploited in attacks
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling...
Read more →
March Windows updates mistakenly uninstall Copilot
Microsoft says the March 2025 Windows cumulative updates automatically and mistakenly remove the AI-powered Copilot digital assistant from some Windows...
Read more →
Fake “Security Alert” issues on GitHub use OAuth app to hijack accounts
A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a...
Read more →
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft...
Read more →
New Akira ransomware decryptor cracks encryptions keys using GPUs
Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to...
Read more →
Coinbase phishing email tricks users with fake wallet migration
A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with...
Read more →
Week-long Exchange Online outage causes email failures, delays
Microsoft says it partially mitigated a week-long Exchange Online outage causing delays or failures when sending or receiving email messages....
Read more →
Cisco IOS XR vulnerability lets attackers crash BGP on routers
Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers...
Read more →
Ransomware gang creates tool to automate VPN brute-force attacks
The Black Basta ransomware operation created an automated brute-forcing framework dubbed ‘BRUTED’ to breach edge networking devices like firewalls and...
Read more →
Suspected LockBit ransomware dev extradited to United States
A dual Russian-Israeli national, suspected of being a key developer for the LockBit ransomware operation, has been extradited to the...
Read more →