Hacker ‘NullBulge’ pleads guilty to stealing Disney’s Slack data
A California man who used the alias “NullBulge” has pleaded guilty to illegally accessing Disney’s internal Slack channels and stealing over 1.1 terabytes of internal company…
Category: Bleeping Computer
Ukrainian extradited to US for Nefilim ransomware attacks
A Ukrainian national has been extradited from Spain to the United States to face charges over allegedly conducting Nefilim ransomware attacks against companies. The suspect,…
Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks
Russia-aligned hacktivists persistently target key public and private organizations in the Netherlands with distributed denial of service (DDoS) attacks, causing access problems and service disruptions.…
Harrods the next UK retailer targeted in a cyberattack
London’s iconic department store, Harrods, has confirmed it was targeted in a cyberattack, becoming the third major UK retailer to report cyberattacks in a week…
Malicious PyPI packages abuse Gmail, websockets to hijack systems
Seven malicious PyPi packages were found using Gmail’s SMTP servers and WebSockets for data exfiltration and remote command execution. The packages were discovered by Socket’s…
Hackers abuse IPv6 networking feature to hijack software updates
A China-aligned APT threat actor named “TheWizards” abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. According…
WordPress plugin disguised as a security tool injects backdoor
A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. According…
WhatsApp unveils ‘Private Processing’ for cloud-based AI features
WhatsApp has announced the introduction of ‘Private Processing,’ a new technology that enables users to utilize advanced AI features by offloading tasks to privacy-preserving cloud servers.…
FBI shares massive list of 42,000 LabHost phishing domains
The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in…
SMA100 VPN vulnerabilities now exploited in attacks
Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. On Tuesday,…
Commvault says recent breach didn’t impact customer backup data
Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn’t gain access to customer backup data.…
UK retailer Co-op shuts down some IT systems after hack attempt
British supermarket chain Co-op shut down parts of its IT systems after detecting an attempted intrusion into its network, disrupting back office and call center…