North Korean hackers linked to $1.5 billion ByBit crypto heist
Over the weekend, blockchain security companies and experts have linked North Korea’s Lazarus hacking group to the theft of over $1.5 billion from cryptocurrency exchange…
Category: Bleeping Computer
Exploits for unpatched Parallels Desktop flaw give root on Macs
Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices.…
Google Cloud introduces quantum-safe digital signatures in KMS
Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. The tech giant says this…
Fake CS2 tournament streams used to steal crypto, Steam accounts
Threat actors are exploiting major Counter-Strike 2 (CS2) competitions, like IEM Katowice 2025 and PGL Cluj-Napoca 2025, to defraud gamers and steal their Steam accounts…
PayPal “New Address” feature abused to send phishing emails
An ongoing PayPal email scam exploits the platform’s address settings to send fake purchase notifications, tricking users into granting remote access to scammers For the…
Google Chrome disables uBlock Origin for some in Manifest v3 rollout
Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to…
SpyLend Android malware downloaded 100,000 times from Google Play
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a…
Apple pulls iCloud end-to-end encryption feature in the UK
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers’ encrypted cloud data.…
Hacker steals record $1.46 billion from Bybit ETH cold wallet
Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets. “The incident…
CISA flags Craft CMS code injection flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is…
Black Basta ransomware gang’s internal chat logs leak online
An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. ExploitWhispers,…
Apiiro unveils free scanner to detect malicious code merges
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb…