Exploit details for max severity Cisco IOS XE flaw now public
Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to…
Category: Bleeping Computer
Hackers are exploiting critical flaw in vBulletin forum software
Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. The flaws, tracked…
Microsoft now testing Notepad text formatting in Windows 11
Microsoft announced today that the Windows 11 Notepad application is getting a text formatting feature supporting Markdown-style input. The feature is being introduced one year…
Getting Exposure Management Right: Insights from 500 CISOs
Results from Pentera’s 4th Pentesting report, which surveyed around 500 CISOs globally, show that while Exposure Management practices are maturing, there are still some gaps…
Police takes down AVCheck site used by cybercriminals to scan malware
An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software…
Germany doxxes Conti ransomware and TrickBot ring leader
The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old…
Attackers are mapping your attack surface—are you?
Today’s threat landscape, attack surfaces are expanding faster than most security teams can track. Every new cloud asset, exposed API, forgotten subdomain, or misconfigured service…
Cybercriminals exploit AI hype to spread ransomware, malware
Threat actors linked to lesser-known ransomware and malware projects now use AI tools as lures to infect unsuspecting victims with malicious payloads. This development follows…
Microsoft Authenticator now warns to export passwords before July cutoff
The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated in July, suggesting users move to Microsoft Edge…
Mozilla releases Firefox 139.0.1 update to fix artifacts on Nvidia GPUs
Mozilla has rolled out an emergency Firefox 139.0.1 update after the Tuesday release caused graphical artifacts on PCs with NVIDIA GPUs. Firefox 139 shipped on May…
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over…
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
A weakness in Apple’s Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users. By abusing the…