Microsoft fixes auth issues on Windows Server, Windows 11 24H2
Microsoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the Kerberos PKINIT pre-auth security protocol. According to…
Category: Bleeping Computer
Windows CLFS zero-day exploited by ransomware gang
Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on…
Hackers lurked in Treasury OCC’s systems since June 2023 breach
Unknown attackers who breached the Treasury’s Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails, according to…
Windows 10 KB5055518 update fixes random text when printing
Microsoft has released the KB5055518 cumulative update for Windows 10 22H2 and Windows 10 21H2, with nine changes or fixes. The Windows 10 KB5055518 update is…
Windows 11 KB5055523 & KB5055528 cumulative updates released
Microsoft has released Windows 11 KB5055523 and KB5055528 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Today’s updates are mandatory as they contain the April 2025 Patch Tuesday…
WhatsApp flaw can let attackers run malicious code on Windows PCs
Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code…
New Mirai botnet behind surge in TVT DVR exploitation
A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for…
AWS rolls out ML-KEM to secure TLS from quantum threats
Amazon Web Services (AWS) has added support for the ML-KEM post-quantum key encapsulation mechanism to AWS Key Management Service (KMS), AWS Certificate Manager (ACM), and AWS…
Cybercriminal vs Windows bug-bounty researcher
EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted…
Google fixes Android zero-days exploited in attacks, 60 other flaws
Google has released patches for 62 vulnerabilities in Android’s April 2025 security update, including two zero-days exploited in targeted attacks. One of the zero-days, a…
Microsoft delays WSUS driver sync deprecation indefinitely
Microsoft announced today that, based on customer feedback, it will indefinitely delay removing driver synchronization in Windows Server Update Services (WSUS). “Seeing how many of…
Six arrested for AI-powered investment scams that stole $20 million
Spain’s police arrested six individuals behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to lure…