How Universal 2nd Factor (U2F) boosts online security
Passwords have long been the bedrock of online security, but the vulnerabilities are obvious, ranging from human error to phishing attacks. Universal 2nd Factor (U2F)…
Category: Bleeping Computer
How Universal 2nd Factor (U2F) boosts online security
Passwords have long been the bedrock of online security, but the vulnerabilities are obvious, ranging from human error to phishing attacks. Universal 2nd Factor (U2F)…
Play ransomware exploited Windows logging flaw in zero-day attacks
The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised…
NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users
A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and $444,719 in compensatory damages for a…
Medical device maker Masimo warns of cyberattack, manufacturing delays
Medical device company Masimo Corporation warns that a cyberattack is impacting production operations and causing delays in fulfilling customers’ orders. Masimo Corporation is a California-based…
Police takes down six DDoS-for-hire services, arrests admins
Polish authorities have detained four suspects linked to six DDoS-for-hire platforms, believed to have facilitated thousands of attacks targeting schools, government services, businesses, and gaming…
April updates cause Windows Server auth issues
Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain controllers. The list of impacted platforms includes Windows…
Apache Parquet exploit tool detect servers vulnerable to critical flaw
A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The…
Critical Langflow RCE flaw exploited to hack AI app servers
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and…
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. Samsung MagicINFO Server…
UK Legal Aid Agency investigates cybersecurity incident
The Legal Aid Agency (LAA), an executive agency of the UK’s Ministry of Justice that oversees billions in legal funding, warned law firms of a…
New Microsoft 365 outage impacts Teams and other services
Microsoft is investigating a new Microsoft 365 outage affecting multiple services across North America, including the company’s Teams collaboration platform. Since the incident started over…