Coinbase breach tied to bribed TaskUs support agents in India
A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data…
Category: Bleeping Computer
Malicious RubyGems pose as Fastlane to steal Telegram API data
Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. RubyGems is the…
Microsoft adds quick machine recovery to Windows 11 settings
Microsoft is testing a dedicated page in Windows Settings for quick machine recovery, which will provide users with additional configuration options. This new settings page…
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
CISA is alerting federal agencies in the U.S. of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the…
Mozilla launches new system to detect Firefox crypto drainer add-ons
Mozilla has developed a new security feature for its add-on portal that helps block Firefox malicious extensions that drain cryptocurrency wallets. According to a recent…
Three things the news doesn’t tell you
With the recent attacks on UK retailers Marks & Spencer and Co-op, so-called Scattered Spider has been all over the media, with coverage spilling over…
Victoria’s Secret delays earnings release after security incident
Fashion retail giant Victoria’s Secret has delayed its first quarter 2025 earnings release because of ongoing corporate system restoration efforts following a May 24 security…
Android malware Crocodilus adds fake contacts to spoof trusted callers
The latest version of the ‘Crocodilus’ Android malware has introduced a new mechanism that adds a fake contact to an infected device’s contact list to…
Google patches new Chrome zero-day bug exploited in attacks
Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year. “Google is aware…
The North Face warns customers of April credential stuffing attack
Outdoor apparel retailer The North Face is warning customers that their personal information was stolen in credential stuffing attacks targeting the company’s website in April.…
Cartier discloses data breach amid fashion brand cyberattacks
Luxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers’ personal information after its systems were compromised. In notification letters…
Last week’s 7-hour outage caused by software flaw
American cybersecurity company SentinelOne revealed over the weekend that a software flaw triggered a seven-hour-long outage on Thursday. This massive outage affected multiple customer-facing services…