HealthEquity says data breach impacts 4.3 million people
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. HealthEquity, one of the largest…
Category: Bleeping Computer
Proofpoint settings exploited to send millions of phishing emails daily
A massive phishing campaign dubbed “EchoSpoofing” exploited now-fixed, weak permissions in Proofpoint’s email protection service to dispatch millions of spoofed emails impersonating big entities like Disney,…
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. Selenium…
WhatsApp for Windows lets Python, PHP scripts execute with no warning
A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the…
X begins training Grok AI with your posts, here’s how to disable
X has quietly begun training its Grok AI chat platform using members’ public posts without first alerting anyone that it is doing it by default. As AI…
Windows 11 taskbar has a hidden “End Task” feature, how to turn it on
Microsoft has added a feature to Windows 11 that allows you to end tasks directly from the taskbar, but it’s turned off by default. How…
Google fixes Chrome Password Manager bug that hides credentials
Google has fixed a bug in Chrome’s Password Manager that caused user credentials to disappear temporarily for more than 18 hours. The outage began on…
Crypto exchange Gemini discloses third-party data breach
Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name…
FBCS data breach impact now reaches 4.2 million people
Debt collection agency Financial Business and Consumer Solutions (FBCS) has again increased the number of people impacted by a February data breach, now saying it…
July Windows Server updates break Remote Desktop connections
Microsoft has confirmed that July’s security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP…
Acronis warns of Cyber Infrastructure default password abused in attacks
Image: MidjourneyAcronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials. Acronis Cyber Protect (ACI)…
Russian ransomware gangs account for 69% of all ransom proceeds
Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding $500,000,000. This number is from…