Broken VECT 2.0 ransomware acts as a data wiper for large files
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files…
Category: Bleeping Computer
US reportedly charges Scattered Spider hacker arrested in Finland
A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific…
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. This known issue impacts…
Canada arrests three for operating “SMS blaster” device in Toronto
Canadian authorities have arrested three men for operating an “SMS blaster” device that pretends to be a cellular tower to send phishing texts to nearby…
Robinhood account creation flaw abused to send phishing emails
Online trading platform Robinhood’s account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts…
GlassWorm malware attacks return via 73 OpenVSX “sleeper” extensions
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 “sleeper” extensions that turn malicious after an update. Six of the…
FTC: Americans lost over $2.1 billion to social media scams in 2025
The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025. According…
Microsoft says Outlook.com outage is causing sign‑in failures
Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing their mailboxes. Since the incident started over…
American utility firm Itron discloses breach of internal IT network
Utility technology company Itron, Inc. has disclosed that an unauthorized third party accessed some of its internal systems during a cyberattack. The company states that…
Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver.…
DORA and operational resilience: Credential management as a financial risk control
Author: Eirik Salmi, System Analyst at Passwork When a threat actor walks into your network using a legitimate username and password, which control stops them?…
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. The feature is expected to…