CISA says critical VMware RCE flaw now actively exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical VMware vCenter Server vulnerability as actively exploited and ordered federal agencies to secure…
Category: Bleeping Computer
ChatGPT Temporary chat feature is getting a much-needed upgrade
OpenAI is testing a big upgrade for ChatGPT’s temporary chat feature. The update will allow you to retain personalization in temporary chat, and still block temporary…
1Password adds pop-up warnings for suspected phishing sites
The 1Password digital vault and password manager has added built-in protection against phishing URLs to help users identify malicious pages and prevent them from sharing…
1Password adds pop-pup warnings for suspected phishing sites
The 1Password digital vault and password manager has added built-in protection against phishing URLs to help users identify malicious pages and prevent them from sharing…
Microsoft investigates Windows 11 boot failures after January updates
Microsoft is investigating reports that some Windows 11 devices are failing to boot with “UNMOUNTABLE_BOOT_VOLUME” errors after installing the January 2026 Patch Tuesday security updates. The…
Microsoft releases emergency OOB update to fix Outlook freezes
Microsoft has released emergency, out-of-band updates on Saturday for Windows 10, Windows 11, and Windows Server to fix an issue that prevented Microsoft Outlook from…
Sandworm hackers linked to failed wiper attack on Poland’s energy systems
A cyberattack targeting Poland’s power grid in late December 2025 has been linked to the Russian state-sponsored hacking group Sandworm, which attempted to deploy a…
Konni hackers target blockchain engineers with AI-built malware
The North Korean hacker group Konni (Opal Sleet, TA406) is using AI-generated PowerShell malware to target developers and engineers in the blockchain sector. Believed to…
ShinyHunters claim to be behind SSO-account data theft attacks
The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google,…
Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are advertised as AI-based…
CISA confirms active exploitation of four enterprise software bugs
The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite…
Hackers exploit critical telnetd auth bypass flaw to get root
A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. The security…