Category: Bleeping Computer

MongoDB
24
Dec
2025

MongoDB warns admins to patch severe RCE flaw immediately

MongoDB has warned IT admins to immediately patch a high-severity vulnerability that can be exploited in remote code execution (RCE)…

Share: X : MongoDB warns admins to patch severe RCE flaw immediatelyFacebook : MongoDB warns admins to patch severe RCE flaw immediatelyLinkedin : MongoDB warns admins to patch severe RCE flaw immediatelyReddit : MongoDB warns admins to patch severe RCE flaw immediatelyTelegram : MongoDB warns admins to patch severe RCE flaw immediatelyWhatsApp : MongoDB warns admins to patch severe RCE flaw immediatelyEmail : MongoDB warns admins to patch severe RCE flaw immediately
WebRAT malware spread via fake vulnerability exploits on GitHub
23
Dec
2025

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously…

Share: X : WebRAT malware spread via fake vulnerability exploits on GitHubFacebook : WebRAT malware spread via fake vulnerability exploits on GitHubLinkedin : WebRAT malware spread via fake vulnerability exploits on GitHubReddit : WebRAT malware spread via fake vulnerability exploits on GitHubTelegram : WebRAT malware spread via fake vulnerability exploits on GitHubWhatsApp : WebRAT malware spread via fake vulnerability exploits on GitHubEmail : WebRAT malware spread via fake vulnerability exploits on GitHub
Microsoft Teams
23
Dec
2025

Microsoft Teams strengthens messaging security by default in January

Microsoft announced that Teams will automatically enable messaging safety features by default to strengthen defenses against content tagged as malicious….

Share: X : Microsoft Teams strengthens messaging security by default in JanuaryFacebook : Microsoft Teams strengthens messaging security by default in JanuaryLinkedin : Microsoft Teams strengthens messaging security by default in JanuaryReddit : Microsoft Teams strengthens messaging security by default in JanuaryTelegram : Microsoft Teams strengthens messaging security by default in JanuaryWhatsApp : Microsoft Teams strengthens messaging security by default in JanuaryEmail : Microsoft Teams strengthens messaging security by default in January
Malicious extensions in Chrome Web store steal user credentials
23
Dec
2025

Malicious extensions in Chrome Web store steal user credentials

Two Chrome extensions in the Web Store named ‘Phantom Shuttle’ are posing as plugins for a proxy service to hijack user…

Share: X : Malicious extensions in Chrome Web store steal user credentialsFacebook : Malicious extensions in Chrome Web store steal user credentialsLinkedin : Malicious extensions in Chrome Web store steal user credentialsReddit : Malicious extensions in Chrome Web store steal user credentialsTelegram : Malicious extensions in Chrome Web store steal user credentialsWhatsApp : Malicious extensions in Chrome Web store steal user credentialsEmail : Malicious extensions in Chrome Web store steal user credentials
France La Poste
23
Dec
2025

Cyberattack knocks offline France’s postal, banking services

La Poste, the French national postal service, confirmed on Monday that all its information systems were knocked offline by “a…

Share: X : Cyberattack knocks offline France’s postal, banking servicesFacebook : Cyberattack knocks offline France’s postal, banking servicesLinkedin : Cyberattack knocks offline France’s postal, banking servicesReddit : Cyberattack knocks offline France’s postal, banking servicesTelegram : Cyberattack knocks offline France’s postal, banking servicesWhatsApp : Cyberattack knocks offline France’s postal, banking servicesEmail : Cyberattack knocks offline France’s postal, banking services
Apple
23
Dec
2025

Italy fines Apple $116 million over App Store privacy policy issues

Italy’s competition authority (AGCM) has fined Apple €98.6 million ($116 million) for using the App Tracking Transparency (ATT) privacy framework…

Share: X : Italy fines Apple $116 million over App Store privacy policy issuesFacebook : Italy fines Apple $116 million over App Store privacy policy issuesLinkedin : Italy fines Apple $116 million over App Store privacy policy issuesReddit : Italy fines Apple $116 million over App Store privacy policy issuesTelegram : Italy fines Apple $116 million over App Store privacy policy issuesWhatsApp : Italy fines Apple $116 million over App Store privacy policy issuesEmail : Italy fines Apple $116 million over App Store privacy policy issues
Baker University
23
Dec
2025

Baker University says 2024 data breach impacts 53,000 people

Baker University has disclosed a data breach after attackers gained access to its network one year ago and stole the…

Share: X : Baker University says 2024 data breach impacts 53,000 peopleFacebook : Baker University says 2024 data breach impacts 53,000 peopleLinkedin : Baker University says 2024 data breach impacts 53,000 peopleReddit : Baker University says 2024 data breach impacts 53,000 peopleTelegram : Baker University says 2024 data breach impacts 53,000 peopleWhatsApp : Baker University says 2024 data breach impacts 53,000 peopleEmail : Baker University says 2024 data breach impacts 53,000 people
Nissan says thousands of customers exposed in Red Hat breach
23
Dec
2025

Nissan says thousands of customers exposed in Red Hat breach

Nissan Motor Co. Ltd. (Nissan) has confirmed that information of thousands of its customers has been compromised after the data breach…

Share: X : Nissan says thousands of customers exposed in Red Hat breachFacebook : Nissan says thousands of customers exposed in Red Hat breachLinkedin : Nissan says thousands of customers exposed in Red Hat breachReddit : Nissan says thousands of customers exposed in Red Hat breachTelegram : Nissan says thousands of customers exposed in Red Hat breachWhatsApp : Nissan says thousands of customers exposed in Red Hat breachEmail : Nissan says thousands of customers exposed in Red Hat breach
New MacSync malware dropper evades macOS Gatekeeper checks
22
Dec
2025

New MacSync malware dropper evades macOS Gatekeeper checks

The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application….

Share: X : New MacSync malware dropper evades macOS Gatekeeper checksFacebook : New MacSync malware dropper evades macOS Gatekeeper checksLinkedin : New MacSync malware dropper evades macOS Gatekeeper checksReddit : New MacSync malware dropper evades macOS Gatekeeper checksTelegram : New MacSync malware dropper evades macOS Gatekeeper checksWhatsApp : New MacSync malware dropper evades macOS Gatekeeper checksEmail : New MacSync malware dropper evades macOS Gatekeeper checks
CISA
22
Dec
2025

CISA flags ASUS Live Update CVE, but the attack is years old

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying…

Share: X : CISA flags ASUS Live Update CVE, but the attack is years oldFacebook : CISA flags ASUS Live Update CVE, but the attack is years oldLinkedin : CISA flags ASUS Live Update CVE, but the attack is years oldReddit : CISA flags ASUS Live Update CVE, but the attack is years oldTelegram : CISA flags ASUS Live Update CVE, but the attack is years oldWhatsApp : CISA flags ASUS Live Update CVE, but the attack is years oldEmail : CISA flags ASUS Live Update CVE, but the attack is years old
Interpol-led action decrypts 6 ransomware strains, arrests hundreds
22
Dec
2025

Interpol-led action decrypts 6 ransomware strains, arrests hundreds

An Interpol-coordinated initiative called Operation Sentinel led to the arrest of 574 individuals and the recovery of $3 million linked…

Share: X : Interpol-led action decrypts 6 ransomware strains, arrests hundredsFacebook : Interpol-led action decrypts 6 ransomware strains, arrests hundredsLinkedin : Interpol-led action decrypts 6 ransomware strains, arrests hundredsReddit : Interpol-led action decrypts 6 ransomware strains, arrests hundredsTelegram : Interpol-led action decrypts 6 ransomware strains, arrests hundredsWhatsApp : Interpol-led action decrypts 6 ransomware strains, arrests hundredsEmail : Interpol-led action decrypts 6 ransomware strains, arrests hundreds
Malicious npm package steals WhatsApp accounts and messages
22
Dec
2025

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp…

Share: X : Malicious npm package steals WhatsApp accounts and messagesFacebook : Malicious npm package steals WhatsApp accounts and messagesLinkedin : Malicious npm package steals WhatsApp accounts and messagesReddit : Malicious npm package steals WhatsApp accounts and messagesTelegram : Malicious npm package steals WhatsApp accounts and messagesWhatsApp : Malicious npm package steals WhatsApp accounts and messagesEmail : Malicious npm package steals WhatsApp accounts and messages