Category: Bleeping Computer

CISA
30
Mar
2023

CISA orders agencies to patch bugs exploited to drop spyware

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch security vulnerabilities exploited as zero-days in…

Botnet
30
Mar
2023

Realtek and Cacti flaws now actively exploited by malware botnets

Multiple malware botnets actively target Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot…

Bing
30
Mar
2023

Bing search results hijacked via misconfigured Microsoft app

A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS…

Fox
30
Mar
2023

New AlienFox toolkit steals credentials for 18 cloud services

A new modular toolkit called ‘AlienFox’ allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials…

Hacker spyware
30
Mar
2023

Google finds more Android, iOS zero-days used to install spyware

Google’s Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install…

3CX
29
Mar
2023

Hackers compromise 3CX desktop app in a supply chain attack

A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used…

SafeMoon
29
Mar
2023

SafeMoon ‘burn’ bug abused to drain $8.9 million from liquidity pool

The SafeMoon token liquidity pool lost $8.9 million after a hacker exploited a newly created ‘burn’ smart contract function that…

Steam
29
Mar
2023

Steam will drop support for Windows 7 and 8 in January 2024

Valve announced that its Steam online game platform will officially drop support for the Windows 7, Windows 8, and Windows…

QNAP
29
Mar
2023

QNAP warns customers to patch Linux Sudo flaw in NAS devices

Taiwanese hardware vendor QNAP warns customers to secure their Linux-powered network-attached storage (NAS) devices against a high-severity Sudo privilege escalation…

Microsoft Defender
29
Mar
2023

Microsoft Defender mistakenly tagging URLs as malicious

Microsoft Defender is mistakenly flagging legitimate links as malicious, and some customers have already received dozens of alert emails since…

Experts call for pause on AI training citing risks to humanity
29
Mar
2023

Experts call for pause on AI training citing risks to humanity

Over a thousand people, including professors and AI developers, have co-signed an open letter to all artificial intelligence labs, calling…

North Korea
29
Mar
2023

Newly exposed APT43 hacking group targeting US orgs since 2018

A new North Korean hacking group has been revealed to be targeting government organizations, academics, and think tanks in the…