Zyxel won’t patch newly exploited flaws in end-of-life routers
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans to issue fixing patches and…
Category: Bleeping Computer
Google Play, Apple App Store apps caught stealing crypto wallets
Android and iOS apps on the Google Play Store and Apple App Store contain a malicious software development kit (SDK) designed to steal cryptocurrency wallet…
Cyber agencies share security guidance for network edge devices
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances…
Chinese cyberspies use new SSH backdoor in network device hacks
A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. The…
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since…
Netgear warns users to patch critical WiFi router vulnerabilities
Netgear has fixed two critical vulnerabilities affecting multiple WiFi router models and urged customers to update their devices to the latest firmware as soon as…
How hackers target your Active Directory with breached VPN passwords
As the gateways to corporate networks, VPNs are an attractive target for attackers seeking access to Active Directory environments. And when VPN credentials become compromised…
California man steals $50 million using fake investment sites, gets 7 years
A 59-year-old man from Irvine, California, was sentenced to 87 months in prison for his involvement in an investor fraud ring that stole $50 million…
GrubHub data breach impacts customers, drivers, and merchants
Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its…
First Apple-notarized porn app available to iPhone users in Europe
The first Apple-notarized porn app, “Hot Tub,” is now available to iPhone users in Europe through the alternative app marketplace, AltStore PAL. Apple does not…
Amazon Redshift gets new default settings to prevent data breaches
Amazon has announced key security enhancements for Redshift, a popular data warehousing solution, to help prevent data exposures due to misconfigurations and insecure default settings.…
Google fixes Android kernel zero-day exploited in attacks
The January 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability tagged as exploited in the wild. This high-severity zero-day (tracked as…