WhatsApp patches vulnerability exploited in zero-day attacks
WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. The company says this zero-click…
Category: Bleeping Computer
Microsoft to enforce MFA for Azure resource management in October
Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts. This change…
Microsoft says recent Windows update didn’t kill your SSD
Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and…
US targets North Korean IT worker army with new sanctions
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned two individuals and two companies associated with North Korean IT worker schemes that operate at the…
Google warns Salesloft breach impacted some Workspace accounts
Google now reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to access a small…
Google shares workarounds for auth failures on ChromeOS devices
Google is working to resolve authentication issues affecting some ChromeOS devices, which are preventing affected users from signing into their Clever and ClassLink accounts. As the…
Police seize VerifTools fake ID marketplace servers, domains
The FBI and the Dutch Police have shut down the VerifTools marketplace for fraudulent identity documents after seizing servers in Amsterdam that hosted the online operation.…
Malware devs abuse Anthropic’s Claude AI to build ransomware
Anthropic’s Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. The…
Microsoft Word will save your files to the cloud by default
Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. The company is currently testing this…
Passwordstate dev urges users to patch auth bypass vulnerability
Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible. Passwordstate…
MATLAB dev says ransomware gang stole data of 10,000 people
MathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over 10,000 people after breaching its…
Shadow IT Is Expanding Your Attack Surface. Here’s Proof
Shadow IT – the systems your security team doesn’t know about – is a persistent challenge. Policies may ban them, but unmanaged assets inevitably slip…