Ivanti warns of critical Neurons for ITSM auth bypass flaw
Ivanti has released security updates for its Neurons for ITSM IT service management solution that mitigate a critical authentication bypass vulnerability. Tracked as CVE-2025-22462, the…
Category: Bleeping Computer
New Intel CPU flaws leak sensitive data from privileged memory
A new “Branch Privilege Injection” flaw in all modern Intel CPUs allows attackers to leak sensitive data from memory regions allocated to privileged software like the…
Microsoft will update Office apps on Windows 10 until 2028
Microsoft has backtracked on its plan to end support for Office apps on Windows 10 later this year and announced that it will continue providing…
M&S says customer data stolen in cyberattack, forces password resets
Marks and Spencer (M&S) confirms that customer data was stolen in a cyberattack last month, when ransomware was used to encrypt servers. The attack occurred…
ASUS DriverHub flaw let malicious sites run commands with admin rights
The ASUS DriverHub driver management utility was vulnerable to a critical remote code execution flaw that allowed malicious sites to execute commands on devices with…
Windows 11 upgrade block lifted after Safe Exam Browser fix
Microsoft has removed an upgrade block that prevented some Safe Exam Browser users from installing the Windows 11 2024 Update due to incompatibility issues. Safe…
Hackers now testing ClickFix attacks against Linux targets
A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible.…
Output Messenger flaw exploited as zero-day in espionage attacks
A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. Microsoft Threat Intelligence analysts who…
Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals
Browser extensions have become deeply embedded in employees’ daily workflows, aiding tasks from grammar checking to discount hunting. Yet, their extensive permissions create significant security…
Moldova arrests suspect linked to DoppelPaymer ransomware attacks
Moldovan authorities have detained a 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021. Police officers searched the suspect’s home and car…
Google to pay $1.375 billion to settle Texas data privacy violations
Google has agreed to a $1.375 billion settlement with the state of Texas over a 2022 lawsuit that alleged it had been collecting and using…
iClicker site hack targeted students with malware via fake CAPTCHA
The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and…