FBI arrests suspect linked to $46M crypto theft from US Marshals
A U.S. government contractor’s son, accused of stealing more than $46 million in cryptocurrency from the U.S. Marshals Service, was arrested Wednesday on the island…
Category: Bleeping Computer
WordPress membership plugin bug exploited to create admin accounts
Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 WordPress sites. Developed by WPEverest,…
Wikipedia hit by self-propagating JavaScript worm that vandalized pages
Update: Added Wikimedia Foundation’s statement below and made a correction to denote it was only the Meta-Wiki that was vandalized. The Wikimedia Foundation suffered a…
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing’s AI-enhanced search feature instructed users to run commands that deployed information stealers and…
FBI investigates breach of surveillance and wiretap systems
The U.S. Federal Bureau of Investigation (FBI) confirmed on Thursday that it’s investigating a breach that affected systems used to manage surveillance and wiretap warrants.…
Ghanain man pleads guilty to role in $100 million fraud ring
A Ghanaian national pleaded guilty to his role in a massive fraud ring that stole over $100 million from victims across the United States through…
Microsoft 365 Backup to add file-level restore for faster recovery
Microsoft will soon begin rolling out a significant upgrade to Microsoft 365 Backup to speed up recovery by allowing administrators to restore individual files and…
Fake Claude Code install guides push infostealers in InstallFix attacks
Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext…
Hackers abusing AI at every stage of cyberattacks
Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects…
Termite ransomware breaches linked to ClickFix CastleRAT attacks
Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.…
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the…
Cognizant TriZetto breach exposes health data of 3.4 million patients
TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that…