Western Sydney University data breach exposed student data
Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. WSU…
Category: Bleeping Computer
Atlassian Bitbucket artifacts can leak plaintext auth secrets
Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. The issue was discovered by Mandiant, who was investigating…
Rockwell Automation warns admins to take ICS devices offline
Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due to increasing malicious activity worldwide.…
Google rolls out Chrome fix for empty pages when switching tabs
Google is rolling out a server-side fix for a known issue affecting the Chrome browser that causes webpage content to temporarily disappear when users change…
GitHub warns of SAML auth bypass flaw in Enterprise Server
GitHub has fixed a maximum severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4986, which impacts GitHub Enterprise Server (GHES) instances using SAML single sign-on…
Zoom adds post-quantum end-to-end encryption to video meetings
Zoom has announced the global availability of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with Zoom Phone and Zoom Rooms to follow soon. Meetings is…
OmniVision discloses data breach after 2023 ransomware attack
The California-based imaging sensors manufacturer OmniVision is warning of a data breach after the company suffered a Cactus ransomware attack last year. OmniVision, a subsidiary…
Critical Fluent Bit flaw impacts all major cloud providers
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants.…
Owner of Incognito dark web drugs market arrested in New York
The alleged owner and operator of Incognito Market, a dark web marketplace for selling illegal narcotics online, was arrested at the John F. Kennedy Airport…
Windows 11 Recall AI feature will record everything you do on your PC
Microsoft has announced a new AI-powered feature for Windows 11 called ‘Recall,’ which records everything you do on your PC and lets you search through your…
New BiBi Wiper version also destroys the disk partition table
A new version of the BiBi Wiper malware is now deleting the disk partition table to make data restoration harder, extending the downtime for targeted…
QNAP QTS zero-day in Share feature gets public RCE exploit
An extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed.…