Over 92,000 exposed D-Link NAS devices have a backdoor account
A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models. The…
Category: Bleeping Computer
US Health Dept warns hospitals of hackers targeting IT help desks
The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the…
Recent Windows updates break Microsoft Connected Cache delivery
Microsoft says Windows 10 updates released since the start of the year are breaking Microsoft Connected Cache (MCC) node discovery on enterprise networks. MCC servers…
The Week in Ransomware – April 5th 2024
Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services. Panera’s massive…
Microsoft fixes Windows Sysprep issue behind 0x80073cf2 errors
Microsoft has fixed a known issue causing 0x80073cf2 errors when using the System Preparation (Sysprep) tool after installing November Windows 10 updates. Admins use Sysprep to…
New Ivanti RCE flaw may impact 16,000 exposed VPN gateways
Approximately 16,500 Ivanti Connect Secure and Poly Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor…
Fake Facebook MidJourney AI page promoted malware to 1.2 million people
Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI’s SORA and ChatGPT-5, and DALL-E, to infect…
Acuity confirms hackers stole non-sensitive govt data from GitHub repos
Acuity, a federal contractor that works with U.S. government agencies, has confirmed that hackers breached its GitHub repositories and stole documents containing old and non-sensitive…
Panera Bread week-long IT outage caused by ransomware attack
Panera Bread’s recent week-long outage was caused by a ransomware attack, according to people familiar with the matter and emails seen by BleepingComputer. BleepingComputer has…
Visa warns of new JSOutProx malware variant targeting financial orgs
Visa is warning about a spike in detections for a new version of the JsOutProx malware targeting financial institutions and their customers. In a security…
New Latrodectus malware replaces IcedID in network breaches
A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023. The…
Microsoft fixes Outlook security alerts bug caused by December updates
Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening .ICS calendar files after installing the December 2023 Outlook Desktop security updates.…