SystemBC malware turns infected VPS systems into proxy highway
The operators of the SystemBC proxy botnet are hunting for vulnerable commercial virtual private servers (VPS) and maintain an average of 1,500 bots every day…
Category: Bleeping Computer
UK arrests ‘Scattered Spider’ teens linked to Transport for London hack
Two teenagers, believed to be linked to the August 2024 cyberattack on Transport for London, have been arrested in the United Kingdom. Believed to be…
Notepad gets free AI features on Copilot+ PCs with Windows 11
Microsoft is adding free AI-powered text writing capabilities to Notepad for customers with Copilot+ PCs running Windows 11. Currently, this change is being rolled out…
PyPI invalidates tokens stolen in GhostAction supply chain attack
The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early September, confirming that the threat actors…
WatchGuard warns of critical vulnerability in Firebox firewalls
WatchGuard has released security updates to address a remote code execution vulnerability impacting the company’s Firebox firewalls. Tracked as CVE-2025-9242, this critical security flaw is…
Google patches sixth Chrome zero-day exploited in attacks this year
Google has released emergency security updates to patch a Chrome zero-day vulnerability, the sixth one tagged as exploited in attacks since the start of the…
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks
The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year,…
VC giant Insight Partners warns thousands after ransomware breach
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack. The…
SonicWall warns customers to reset credentials after breach
SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts. After detecting…
Dissecting Evolving Threat Actor Techniques
By John Hammond, Alden Schmidt, Lindsey Welch During the past fifteen business days, Huntress analysts have observed increased threat activity involving several notable techniques. One…
Office 2016 and Office 2019 reach end of support next month
Microsoft reminded customers again this week that Office 2016 and Office 2019 will reach the end of extended support in less than 30 days, on…
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. In early September…