Category: Bleeping Computer

Chrome
15
Jan
2023

Google Chrome to let you disable or enable extensions per site

Google is working on a new feature that allows you to disable or enable Chrome extensions based on site-by-site basis….

CircleCI
14
Jan
2023

CircleCI’s hack caused by malware stealing engineer’s 2FA-backed session

Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that their 2FA-backed SSO session cookie, allowing access…

LockBit on thin ice
14
Jan
2023

The Week in Ransomware – January 13th 2023

The LockBit ransomware operation has again taken center stage in the ransomware news, as we learned yesterday they were behind…

Wordpress
13
Jan
2023

PoC exploits released for critical bugs in popular WordPress plugins

Three popular WordPress plugins with tens of thousands of active installations are vulnerable to high-severity or critical SQL injection vulnerabilities,…

NortonLifeLock
13
Jan
2023

NortonLifeLock warns that hackers breached Password Manager accounts

Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully…

Microsoft Defender
13
Jan
2023

Buggy Microsoft Defender ASR rule deletes Windows app shortcuts

Microsoft has addressed a false positive triggered by a buggy Microsoft Defender ASR rule that would delete application shortcuts from…

Fortinet
13
Jan
2023

Govt networks targeted with now-patched SSL-VPN zero-day

Fortinet says unknown attackers exploited a FortiOS SSL-VPN zero-day vulnerability patched last month in attacks against government organizations and government-related…

MetaMask
13
Jan
2023

MetaMask warns of new ‘Address Poisoning’ cryptocurrency scam

Cryptocurrency wallet provider MetaMask is warning users of a new scam called ‘Address Poisoning’ used to trick users into sending…

Microsoft Exchange
13
Jan
2023

Cuba ransomware hacking Exchange servers via OWASSRF flaw

Microsoft says Cuba ransomware threat actors are hacking Microsoft Exchange servers unpatched against a critical server-side request forgery (SSRF) vulnerability…

Microsoft Exchange
13
Jan
2023

Exchange Server 2013 reaches end of support in 90 days

Microsoft warned customers today that Exchange Server 2013 will reach its extended end-of-support (EOS) date 90 days from now, on…

Royal Mail logo on brick wall
13
Jan
2023

Royal Mail cyberattack linked to LockBit ransomware operation

A cyberattack on Royal Mail, UK’s largest mail delivery service, has been linked to the LockBit ransomware operation. Yesterday, the…

Hackers exploit critical CWP bug for remote access to networks
13
Jan
2023

Hackers exploit Control Web Panel flaw to open reverse shells

Hackers are actively exploiting a critical vulnerability patched recently in Control Web Panel (CWP), a tool for managing servers formerly…