Why Your Browser is the Next Cybersecurity Battleground
For years, defensive security strategies have focused on three core areas: network, endpoint, and email. Meanwhile, the browser, where most modern work happens, sits across…
Category: Bleeping Computer
Palo Alto Networks tags new firewall bug as exploited in attacks
Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained in attacks with two other flaws (CVE-2025-0108 with CVE-2024-9474) to breach…
Russian phishing campaigns exploit Signal’s device-linking feature
Russian threat actors have been launching phishing campaigns that exploit the legitimate “Linked Devices” feature in the Signal messaging app to gain unauthorized access to…
WinRAR 7.10 boosts Windows privacy by stripping MoTW data
WinRAR 7.10 was released yesterday with numerous features, such as larger memory pages, a dark mode, and the ability to fine-tune how Windows Mark-of-the-Web flags…
Cracked Garry’s Mod, BeamNG.drive games infect gamers with miners
A large-scale malware campaign dubbed “StaryDobry” has been targeting gamers worldwide with trojanized versions of cracked games such as Garry’s Mod, BeamNG.drive, and Dyson Sphere…
Venture capital giant Insight Partners hit by cyberattack
New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. The…
Microsoft reminds admins to prepare for WSUS driver sync deprecation
Microsoft once again reminded IT administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, just 60 days from…
Juniper patches critical auth bypass in Session Smart routers
Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices. The security flaw (tracked…
Chinese hackers abuse Microsoft APP-v tool to evade antivirus
The Chinese APT hacking group “Mustang Panda” has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes…
New OpenSSH flaws expose SSH servers to MiTM and DoS attacks
OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a…
Why a Checklist Won’t Stop Cyberattacks
By Autumn Stambaugh, Senior Sales Engineer at Pentera Think you’re safe because you’re compliant? Think again. Recent studies continue to highlight the concerning trend that…
Lee Enterprises newspaper disruptions caused by ransomware attack
Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group’s operations for over two weeks. As a…