Category: Bleeping Computer

Windows 10
22
Apr
2025

Windows 10 KB5055612 preview update fixes a GPU bug in WSL2

Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for…

Zoom
22
Apr
2025

Hackers abuse Zoom remote control feature for crypto-theft attacks

A hacking group dubbed ‘Elusive Comet’ targets cryptocurrency users in social engineering attacks that exploit Zoom’s remote control feature to…

Sim card
22
Apr
2025

SK Telecom warns customer USIM data exposed in malware attack

South Korea’s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related…

Cryptocurrency hackers
22
Apr
2025

Ripple’s recommended XRP library xrpl.js hacked to steal wallets

The recommended Ripple cryptocurrency NPM JavaScript library named “xrpl.js” was compromised to steal XRP wallet seeds and private keys and…

Digital cookies
22
Apr
2025

Cookie-Bite attack PoC uses Chrome extension to steal session tokens

A proof-of-concept attack called “Cookie-Bite” uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor…

Microsoft
21
Apr
2025

Microsoft Entra account lockouts caused by user token logging mishap

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged…

Hacker
21
Apr
2025

State-sponsored hackers embrace ClickFix social engineering tactic

ClickFix attacks are gaining traction among threat actors, with multiple advanced persistent threat (APT) groups from North Korea, Iran, and…

Weakness in Google
21
Apr
2025

Phishers abuse Google OAuth to spoof Google in DKIM replay attack

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered…

Monitors
21
Apr
2025

WordPress ad-fraud plugins generated 1.4 billion ad requests per day

A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that…

Microsoft with a red background
20
Apr
2025

Widespread Microsoft Entra lockouts tied to new security feature rollout

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft…

Stopwatch
20
Apr
2025

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute…

Credit Cards
20
Apr
2025

New Android malware steals your credit cards for NFC relay attacks

A new malware-as-a-service (MaaS) platform named ‘SuperCard X’ has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale…