Over 25,000 SonicWall VPN Firewalls exposed to critical flaws
Over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical severity flaws, with 20,000 using a SonicOS/OSX firmware version that the vendor no longer supports.…
Category: Bleeping Computer
Texas Tech University System data breach impacts 1.4 million patients
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data…
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. As…
Kali Linux 2024.4 released with 14 new tools, deprecates some features
Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some…
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they…
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. Tracked as CVE-2024-35250, this security flaw…
ConnectOnCall breach exposes health data of over 910,000 patients
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach…
Rhode Island confirms data breach after Brain Cipher ransomware attack
Rhode Island State House (Image: MOHANN) Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents’ personal information after the…
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named ‘NoviSpy,’ used to spy on activists, journalists, and protestors.…
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in…
Clop ransomware claims responsibility for Cleo data theft attacks
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and…
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According…