Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in…
Category: Bleeping Computer
Brute-force attacks target Apache Tomcat management panels
A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. Tomcat is a popular open-source web…
Operation Secure disrupts global infostealer malware operations
An international law enforcement action codenamed “Operation Secure” targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures,…
Microsoft fixes unreachable Windows Server domain controllers
Microsoft has resolved a known issue that caused some Windows Server 2025 domain controllers to become unreachable after a restart and triggered app or service…
Microsoft fixes Windows Server auth issues caused by April updates
Microsoft has fixed a known issue causing authentication problems on Windows Server domain controllers after installing the April 2025 security updates. Platforms affected by these…
ConnectWise rotating code signing certificates over security concerns
ConnectWise is warning customers that it is rotating the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise RMM executables over security…
AI is a data-breach time bomb, reveals new report
AI is everywhere. Copilots help employees boost productivity, and agents provide front-line customer support. LLMs enable businesses to extract deep insights from their data. Once…
New Secure Boot flaw lets attackers install bootkit malware, patch now
Security researchers have disclosed a new Secure Boot bypass tracked as CVE-2025-3052 that can be used to turn off security on PCs and servers and…
FIN6 hackers pose as job seekers to backdoor recruiters’ devices
In a twist on typical hiring-related social engineering attacks, the FIN6 hacking group impersonates job seekers to target recruiters, using convincing resumes and phishing sites…
Windows 10 KB5060533 cumulative update released with 7 changes, fixes
Microsoft has released the KB5060533 cumulative update for Windows 10 22H2 and Windows 10 21H2, with seven fixes or changes, including bringing seconds back to…
Windows 11 KB5060842 and KB5060999 cumulative updates released
Microsoft has released Windows 11 KB5060842 and KB5060999 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues, including 66 flaws. Today’s updates are mandatory as they contain…
Microsoft Outlook to block more risky attachments used in attacks
Microsoft announced it will expand the list of blocked attachments in Outlook Web and the new Outlook for Windows starting next month. The company said…