Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577,…
Category: Bleeping Computer
PowerSchool previously hacked in August, months before data breach
PowerSchool has published a long-awaited CrowdStrike investigation into its massive December 2024 data breach, which determined that the company was previously hacked over 4 months earlier,…
CISA tags critical Ivanti EPM flaws as actively exploited in attacks
CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. The three flaws (CVE-2024-13159,…
X hit by ‘massive cyberattack’ amid Dark Storm’s DDoS claims
The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections…
US govt says Americans lost record $12.5 billion to fraud in 2024
The U.S. Federal Trade Commission (FTC) said today that Americans lost a record $12.5 billion to fraud last year, a 25% increase over the previous…
Microsoft shares guidance on upcoming Publisher deprecation
Microsoft has published guidance for users of Microsoft Publisher as it will no longer be supported after October 2026 and removed from Microsoft 365. Specifically,…
FTC will send $25.5 million to victims of tech support scams
Later this week, the Federal Trade Commission (FTC) will start distributing over $25.5 million in refunds to those misled by tech support companies Restoro and…
Google paid $12 million in bug bounties last year to security researchers
Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company’s Vulnerability Reward Program (VRP) in…
Swiss critical sector faces new 24-hour cyberattack reporting rule
Switzerland’s National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the…
Passwords in the new era of computing security
Last August, the National Institute of Standards and Technology (NIST) released its first three finalized post-quantum encryption standards, designed to withstand attacks from quantum computers.…
Microsoft lifts Windows 11 update block for some AutoCAD users
Microsoft has removed a compatibility hold that prevented some AutoCAD users from installing the Windows 11 2024 Update due to launch and crash issues. As…
Undocumented commands found in Bluetooth chip used by a billion devices
Update 3/9/25: After receiving concerns about the use of the term ‘backdoor’ to refer to these undocumented commands, we have updated our title and story.…