Healthcare SaaS firm says data breach impacts 5.4 million patients
Episource warns of a data breach after hackers stole health information of over 5 million people in the United States in a January cyberattack. Episource…
Category: Bleeping Computer
‘Stargazers’ use fake Minecraft mods to steal player passwords
A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens, and…
Microsoft 365 to block file access via legacy auth protocols by default
Microsoft has announced that it will start updating security defaults for all Microsoft 365 tenants in July to block access to SharePoint, OneDrive, and Office…
CISA warns of attackers exploiting Linux flaw with PoC exploit
CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel’s OverlayFS subsystem that allows them to gain root privileges.…
How Trusted Domains Become Threat Vectors
Phishing remains one of cybersecurity’s most enduring threats, not because defenders aren’t evolving, but because attackers are adapting even faster. Today’s most effective campaigns aren’t…
BeyondTrust warns of pre-auth RCE in Remote Support software
BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that can let unauthenticated…
New Linux udisks flaw lets attackers get root on major Linux distros
Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions. The first flaw (tracked…
Asana warns MCP AI feature exposed customer data to other orgs
Work management platform Asana is warning users of its new Model Context Protocol (MCP) feature that a flaw in its implementation potentially led to data…
Paddle settles for $5 million over facilitating tech support scams
Paddle.com and its U.S. subsidiary will pay $5 million to settle Federal Trade Commission (FTC) allegations that the company facilitated deceptive tech-support schemes that harmed…
Scania confirms insurance claim data breach in extortion attempt
Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its Financial Services systems and steal insurance claim…
Hacker steals 1 million Cock.li user records in webmail data breach
Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over…
How to automate IT ticket handling with AI and Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by IT and security practitioners from across…