CISA urges devs to weed out OS command injection vulnerabilities
CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping. The advisory was…
Category: Bleeping Computer
Windows MSHTML zero-day used in malware attacks for over a year
Microsoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while bypassing built-in security features.…
Microsoft fixes Windows 11 bug causing reboot loops, taskbar freezes
Microsoft has fixed a known issue causing restart loops and taskbar problems on Windows 11 systems after installing the June KB5039302 preview update. “This issue…
Google Advanced Protection Program gets passkeys for high-risk users
Google announced today that passkeys are now available for high-risk users when enrolling in the Advanced Protection Program, which provides the strongest level of account…
Ticket Heist network of 700 domains sells fake Olympic Games tickets
A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. The…
City of Philadelphia says over 35,000 hit in May 2023 breach
The City of Philadelphia revealed that a May 2024 disclosed in October impacted more than 35,000 individuals’ personal and protected health information. The investigation found…
Windows 11 KB5040442 update released with 31 fixes, changes
Microsoft is rolling out the KB5040442 cumulative update for Windows 11 23H2, which includes up to thirty-one improvements and changes. The changes include a new feature that adds…
US disrupts AI-powered bot farm pushing Russian propaganda on X
Almost a thousand Twitter accounts controlled by a large bot farm pushing Russian propaganda and domains used to register the bots were taken down in…
US and partners disrupt bot farm pushing Russian propaganda
Almost a thousand Twitter accounts controlled by a large bot farm pushing Russian propaganda and domains used to register the bots were taken down in…
Fujitsu confirms customer data exposed in March cyberattack
Fujitsu confirms that information related to some individuals and customers’ business has been compromised during the data breach detected earlier this year. The Japanese tech…
New Blast-RADIUS attack bypasses widely-used RADIUS authentication
Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. Many networked…
Windows 11 KB5040435 update released with 31 fixes, changes
Microsoft is rolling out the KB5040442 cumulative update for Windows 11 23H3, which includes up to thirty-one improvements and changes. The changes include a new feature that adds…