How CISOs Can Survive the Era of Geopolitical Cyberattacks
A five-step playbook to stop Iranian wiper campaigns before they spread Geopolitical tensions are increasingly spilling into cyberspace. For CISOs, that means preparing for attacks…
Category: Bleeping Computer
Police take down 373,000 fake CSAM sites in Operation Alice
An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages. The investigation, led by…
FBI links Signal phishing attacks to Russian intelligence services
The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal…
Oracle pushes emergency fix for critical Identity Manager RCE flaw
Update: Added that Oracle declined to comment on whether the vulnerability has been exploited. Oracle has released an out-of-band security update to fix a critical…
CISA orders feds to patch max-severity Cisco flaw by Sunday
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by…
Musician admits to $10M streaming royalty fraud using AI bots
North Carolina musician Michael Smith has pleaded guilty to collecting over $10 million in royalty payments through a massive streaming royalty fraud scheme on Spotify,…
Bitrefill blames North Korean Lazarus group for cyberattack
Crypto-powered gift card store Bitrefill says that the attack it suffered at the beginning of the month was likely perpetrated by North Korean hackers of…
Navia discloses data breach impacting 2.7 million people
Navia Benefit Solutions, Inc. (Navia) is informing nearly 2.7 million individuals of a data breach that exposed their sensitive information to attackers. An investigation into…
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
A newly disclosed vulnerability dubbed ‘PolyShell’ affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover.…
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
Hackers part of APT28, a state-backed threat group linked to Russia’s military intelligence service (GRU), are exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks…
New ‘Perseus’ Android malware checks user notes for secrets
A new Android malware called Perseus is checking user-curated notes to steal sensitive information, like passwords, recovery phrases, or financial data. Distributed over unofficial stores…
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS). Zimbra is a very…