Flipper Zero WiFi attack can unlock and steal Tesla cars
An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the…
Category: Bleeping Computer
AnyCubic fixes exploited 3D printer zero day flaw with new firmware
AnyCubic has released new Kobra 2 firmware to fix a zero-day vulnerability exploited last month to print security warnings on 3D printers worldwide. At…
Google engineer caught stealing AI tech secrets for Chinese firms
The U.S. Department of Justice (DoJ) has announced the unsealing of an indictment against Linwei (Leon) Ding, 38, a former software engineer at Google, suspected…
Critical TeamCity flaw now widely exploited to create admin accounts
Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday. Exploitation appears to…
U.S. lost record $12.5 billion to online crime in 2023
FBI’s Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a 22% increase in reported losses compared to 2022, amounting…
TeamCity auth bypass bug exploited to mass-generate admin accounts
Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday. Exploitation appears to…
PetSmart warns of credential stuffing attacks trying to hack accounts
Pet retail giant PetSmart is warning some customers their passwords were reset due to an ongoing credential stuffing attack attempting to breach accounts. PetSmart is…
Hacked WordPress sites use visitors’ browsers to hack other sites
Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors’ browsers to bruteforce passwords for other sites. The campaign was first…
Hackers impersonate U.S. government agencies in BEC attacks
A gang of hackers specialized in business email compromise (BEC) attacks and tracked as TA4903 has been impersonating various U.S. government entities to lure targets…
Canada’s anti-money laundering agency offline after cyberattack
The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has announced that a “cyber incident” forced it to take its corporate systems offline as…
Duvel says it has “more than enough” beer after ransomware attack
Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in the company’s bottling facilities. Duvel…
VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines…