Nokia investigates breach after hacker claims to steal source code
Nokia is investigating whether a third-party vendor was breached after a hacker claimed to be selling the company’s stolen source code. “Nokia is aware of…
Category: Bleeping Computer
DocuSign’s Envelopes API abused to send realistic fake invoices
Threat actors are abusing DocuSign’s Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. Using a…
Schneider Electric confirms dev platform breach after hacker steals data
Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company’s JIRA server. “Schneider…
Windows Server 2025 released—here are the new features
Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st. In January 2024,…
Custom “Pygmy Goat” malware used in Sophos Firewall hack on govt network
UK’s National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named “Pigmy Goat” created to backdoor Sophos XG firewall devices as part…
Solving the painful password problem with better policies
The password problem — weak, reused credentials that are easy to compromise yet hard to remember and manage — plagues users and organizations. But despite…
Windows infected with backdoored Linux VMs in new phishing attacks
A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks.…
Data of 500,000 stolen in July ransomware attack
The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial information in a July 2024 cyberattack. Ohio’s capital…
Microsoft confirms Windows Server 2025 blue screen, install issues
Microsoft has confirmed several bugs causing install and Blue Screen of Death (BSOD) issues impacting Windows Server 2025 systems with more than 256 logical processors.…
Cisco says DevHub site leak won’t enable future breaches
Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don’t contain information that could be exploited in…
Meet Interlock — The new ransomware targeting FreeBSD servers
Image: Midjourney A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. Launched…
ChatGPT-4o can be used for autonomous voice-based scams
Researchers have shown that it’s possible to abuse OpenAI’s real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to conduct financial scams with low to…