Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named “Snow,” which includes a browser extension, a tunneler,…
Category: Bleeping Computer
Microsoft rolls out revamped Windows Insider Program
Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address reliability concerns in Windows 11. For…
New BlackFile extortion group linked to surge of vishing attacks
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality…
Windows Update gets new controls to reduce forced restarts
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts.…
Firestarter malware survives Cisco firewall updates, security patches
Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive…
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. In…
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. The…
Microsoft now lets admins uninstall Copilot on enterprise devices
Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available…
Trigona ransomware attacks use custom exfiltration tool to steal data
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. The utility was emplayed…
Bitwarden CLI npm package compromised to steal developer credentials
Updated with further information from Bitwarden. The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload…
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. The…
New Checkmarx supply-chain breach affects KICS analysis tool
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. KICS, short…