US dismantles laptop farm used by undercover North Korean IT workers
The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and…
Category: Bleeping Computer
Cisco warns of critical RCE zero-days in end of life IP phones
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500…
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open…
Exploit released for Cisco SSM bug allowing admin password changes
Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software…
BlackSuit ransomware behind over $500 million in ransom demands
CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more…
CISA warns of hackers abusing Cisco Smart Install feature
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommended disabling the legacy Cisco Smart Install (SMI) feature after seeing it abused in recent attacks.…
18-year-old security flaw in Firefox and Chrome exploited in attacks
A vulnerability disclosed 18 years ago, dubbed “0.0.0.0 Day”, allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact…
ADT confirms data breach after customer info leaked on hacking forum
American building security giant ADT confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum. ADT…
BlackSuit ransomware made over $500 million in ransom demands
CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more…
Ronin Network hacked, $12 million returned by “white hat” hackers
Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin bridge to withdraw 4,000 ETH…
SEC ends probe into MOVEit attacks impacting 95 million people
The SEC has concluded its investigation into Progress Software’s handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over…
New CMoon USB worm targets Russians in data theft attacks
A new self-spreading worm named ‘CMoon,’ capable of stealing account credentials and other data, has been distributed in Russia since early July 2024 via a…