Category: Bleeping Computer

Login prompt
22
May
2025

Critical Samlify SSO flaw lets attackers log in as admin

A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions…

Claude
22
May
2025

Anthropic web config hints at Claude Sonnet 4 and Opus 4

Anthropic is secretly working on new models called Claude Sonnet 4 and Opus 4, which are believed to be the company’s…

GPT
22
May
2025

OpenAI hints at a big upgrade for ChatGPT Operator Agent

ChatGPT’s Operator, which is still in research preview, will soon become a “very useful tool,” according to Jerry Tworek, VP…

Russian hackers breach orgs to track aid routes to Ukraine
22
May
2025

Russian hackers breach orgs to track aid routes to Ukraine

A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since…

Russia
21
May
2025

Russia to enforce location tracking app on all foreigners in Moscow

The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in…

3AM
21
May
2025

3AM ransomware uses spoofed IT calls, email bombing to breach networks

A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer…

Data theft
21
May
2025

Lumma infostealer malware operation disrupted, 2,300 domains seized

Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains and part…

Chrome
21
May
2025

Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs

A Google Chrome Web Store campaign uses over 100 malicious browser extensions that mimic legitimate tools, such as VPNs, AI…

ThreatLocker Patch Management header
21
May
2025

A Security-First Approach to Closing Vulnerability Windows

Patching vulnerabilities is one of the most basic principles of cybersecurity — and one of the hardest to execute consistently…

Box
21
May
2025

Trojanized RVTools push Bumblebee malware in SEO poisoning campaign

Update 5/20/25 4:40 PM EST: In response to our questions about the attack, Dell states that the malicious RVTools installer was not…

European Union sanctions Stark Industries for enabling cyberattacks
21
May
2025

European Union sanctions Stark Industries for enabling cyberattacks

The European Union has imposed strict sanctions against web-hosting provider Stark Industries and the two individuals running it, CEO Iurie…

Kettering Health
21
May
2025

Kettering Health hit by system-wide outage after ransomware attack

Kettering Health, a healthcare network that operates 14 medical centers in Ohio, was forced to cancel inpatient and outpatient procedures…