Biden bans Kaspersky antivirus software in US over security concerns
Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving…
Category: Bleeping Computer
CosmicSting flaw impacts 75% of Adobe Commerce, Magento sites
A vulnerability dubbed “CosmicSting” impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has been made available, leaving millions…
Phoenix UEFI vulnerability impacts hundreds of Intel PC models
A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates…
UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs
A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named ‘Reptile’ and ‘Medusa’ to remain hidden on VMware ESXi virtual machines, allowing…
SolarWinds Serv-U path-traversal flaw actively exploited in attacks
Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. Although the attacks do not appear particularly sophisticated, the…
CDK Global hacked again while recovering from first cyberattack
Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in an previous cyberattack. CDK…
T-Mobile denies it was hacked, links leaked data to vendor breach
T-Mobile has denied it was breached or that source code was stolen after a threat actor claimed to be selling stolen data from the telecommunications…
Crown Equipment confirms a cyberattack disrupted manufacturing
Image: DigitalIceAge Forklift manufacturer Crown Equipment confirmed today that it suffered a cyberattack earlier this month that disrupted manufacturing at its plants. Crown is one of the…
Advance Auto Parts confirms data breach exposed employee information
Advance Auto Parts has confirmed it suffered a data breach after a threat actor attempted to sell stolen data on a hacking forum earlier this…
CDK Global cyberattack impacts thousands of US car dealerships
Car dealership software-as-a-service provider CDK Global was hit by a massive cyberattack, causing the company to shut down its systems and leaving clients unable to…
“Researchers” exploit Kraken exchange bug, steal $3 million in crypto
The Kraken crypto exchange disclosed today that alleged security researchers exploited a zero-day website bug to steal $3 million in cryptocurrency and then refused to…
Microsoft says bug causes Windows 10 apps to display Open With dialogs
Microsoft has confirmed that Windows 10 apps will mistakenly display an “How do you want to open this file?” dialog box when attempting to right-click…