PowerSchool hacker pleads guilty to student data extortion scheme
A 19-year-old college student from Worcester, Massachusetts, has agreed to plead guilty to a massive cyberattack on PowerSchool that extorted millions of dollars in exchange for…
Category: Bleeping Computer
Mobile carrier Cellcom confirms cyberattack behind extended outages
Wisconsin wireless provider Cellcom has confirmed that a cyberattack is responsible for the widespread service outage and disruptions that began on the evening of May…
Premium WordPress ‘Motors’ theme vulnerable to admin takeover attacks
A critical privilege escalation vulnerability has been discovered in the premium WordPress theme Motors, which allows unauthenticated attackers to hijack administrator accounts and take complete…
VanHelsing ransomware builder leaked on hacking forum
The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell…
SK Telecom says malware breach lasted 3 years, impacted 27 million numbers
SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27…
Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains
A threat actor tracked as ‘Hazy Hawk’ is hijacking forgotten DNS CNAME records pointing to abandoned cloud services, taking over trusted subdomains of governments, universities, and…
What can you do about it?
Service desk agents are here to help, and we all prefer to talk to an understanding person than a chatbot when wrestling with an IT…
RVTools hit in supply chain attack to deliver Bumblebee malware
The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized…
OpenAI plans to combine multiple models into GPT-5
OpenAI is planning to combine multiple products (features or models) into its next foundational model, which is called GPT-5. ChatGPT currently has too many capable…
Fake KeePass password manager leads to ESXi ransomware attack
Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and…
Hackers earn $1,078,750 for 28 zero-days at Pwn2Own Berlin
The Pwn2Own Berlin 2025 hacking competition has concluded, with security researchers earning $1,078,750 after exploiting 29 zero-day vulnerabilities and encountering some bug collisions. Throughout the…
O2 UK patches bug leaking mobile user location from call metadata
A flaw in O2 UK’s implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other…